CVE-2022-27532
First published: Thu Jun 16 2022(Updated: )
A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TIF files. This vulnerability in conjunction with other vulnerabilities could lead to arbitrary code execution.
Credit: psirt@autodesk.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Autodesk 3ds Max | >=2021<2021.3.8 | |
| Autodesk 3ds Max | >=2022<2022.3.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-27532?
CVE-2022-27532 is a vulnerability in Autodesk 3ds Max 2022 and 2021 where a maliciously crafted TIF file can be used to write beyond the allocated buffer while parsing TIF files, which could lead to arbitrary code execution.
How does CVE-2022-27532 affect Autodesk 3ds Max?
CVE-2022-27532 affects Autodesk 3ds Max 2022 and 2021, allowing a maliciously crafted TIF file to write beyond the allocated buffer, potentially leading to arbitrary code execution.
What is the severity of CVE-2022-27532?
CVE-2022-27532 has a severity rating of 7.8 (high).
How can I fix CVE-2022-27532 in Autodesk 3ds Max?
To fix CVE-2022-27532 in Autodesk 3ds Max, apply the latest security update provided by Autodesk. Refer to the vendor's security advisory for more information.
Where can I find more information about CVE-2022-27532?
More information about CVE-2022-27532 can be found in the Autodesk security advisory, available at the following URL: https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0010
- collector/nvd-index
- agent/author
- agent/weakness
- agent/severity
- agent/references
- agent/tags
- agent/type
- agent/description
- agent/softwarecombine
- agent/event
- vendor/autodesk
- canonical/autodesk 3ds max
- version/autodesk 3ds max/2021
- version/autodesk 3ds max/2022