What is the vulnerability ID?

The vulnerability ID is CVE-2022-33887.

What is the severity of CVE-2022-33887?

CVE-2022-33887 has a severity keyword of high and a severity value of 7.8.

Which software versions are affected by CVE-2022-33887?

Autodesk AutoCAD versions between 2022.1.3 and 2023.1.1, including Advance Steel, Architecture, Civil 3D, Electrical, LT, Map 3D, Mechanical, MEP, and Plant 3D, are affected by CVE-2022-33887.

How can an attacker exploit CVE-2022-33887?

An attacker can exploit CVE-2022-33887 by using a maliciously crafted PDF file to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

Is there a fix for CVE-2022-33887?

To mitigate CVE-2022-33887, users should apply the necessary security updates provided by Autodesk.

Vulnerability/
CVE-2022-33887

high

7.8

CWE

755

3/10/2022

5/10/2022

CVE-2022-33887

First published: Mon Oct 03 2022(Updated: )

A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled exception. An attacker can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process.

Credit: psirt@autodesk.com

Affected Software	Affected Version	How to fix
Autodesk Autocad	>=2022<2022.1.3
Autodesk Autocad	>=2023<2023.1.1
Autodesk Autocad Advance Steel	>=2022<2022.1.3
Autodesk Autocad Advance Steel	>=2023<2023.1.1
Autodesk AutoCAD Architecture	>=2022<2022.1.3
Autodesk AutoCAD Architecture	>=2023<2023.1.1
Autodesk Autocad Civil 3d	>=2022<2022.1.3
Autodesk Autocad Civil 3d	>=2023<2023.1.1
Autodesk AutoCAD Electrical	>=2022<2022.1.3
Autodesk AutoCAD Electrical	>=2023<2023.1.1
Autodesk Autocad Lt	>=2022<2022.1.3
Autodesk Autocad Lt	>=2023<2023.1.1
Autodesk AutoCAD Map 3D	>=2022<2022.1.3
Autodesk AutoCAD Map 3D	>=2023<2023.1.1
Autodesk AutoCAD Mechanical	>=2022<2022.1.3
Autodesk AutoCAD Mechanical	>=2023<2023.1.1
Autodesk AutoCAD MEP	>=2022<2022.1.3
Autodesk AutoCAD MEP	>=2023<2023.1.1
Autodesk AutoCAD Plant 3D	>=2022<2022.1.3
Autodesk AutoCAD Plant 3D	>=2023<2023.1.1

Never miss a vulnerability like this again

Reference Links

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020

Frequently Asked Questions

What is the vulnerability ID?
The vulnerability ID is CVE-2022-33887.
What is the severity of CVE-2022-33887?
CVE-2022-33887 has a severity keyword of high and a severity value of 7.8.
Which software versions are affected by CVE-2022-33887?
Autodesk AutoCAD versions between 2022.1.3 and 2023.1.1, including Advance Steel, Architecture, Civil 3D, Electrical, LT, Map 3D, Mechanical, MEP, and Plant 3D, are affected by CVE-2022-33887.
How can an attacker exploit CVE-2022-33887?
An attacker can exploit CVE-2022-33887 by using a maliciously crafted PDF file to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
Is there a fix for CVE-2022-33887?
To mitigate CVE-2022-33887, users should apply the necessary security updates provided by Autodesk.

collector/nvd-index
vendor/autodesk
canonical/autodesk autocad
version/autodesk autocad/2022
version/autodesk autocad/2023
canonical/autodesk autocad advance steel
version/autodesk autocad advance steel/2022
version/autodesk autocad advance steel/2023
canonical/autodesk autocad architecture
version/autodesk autocad architecture/2022
version/autodesk autocad architecture/2023
canonical/autodesk autocad civil 3d
version/autodesk autocad civil 3d/2022
version/autodesk autocad civil 3d/2023
canonical/autodesk autocad electrical
version/autodesk autocad electrical/2022
version/autodesk autocad electrical/2023
canonical/autodesk autocad lt
version/autodesk autocad lt/2022
version/autodesk autocad lt/2023
canonical/autodesk autocad map 3d
version/autodesk autocad map 3d/2022
version/autodesk autocad map 3d/2023
canonical/autodesk autocad mechanical
version/autodesk autocad mechanical/2022
version/autodesk autocad mechanical/2023
canonical/autodesk autocad mep
version/autodesk autocad mep/2022
version/autodesk autocad mep/2023
canonical/autodesk autocad plant 3d
version/autodesk autocad plant 3d/2022
version/autodesk autocad plant 3d/2023