CVE-2022-42933
First published: Fri Oct 21 2022(Updated: )
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
Credit: psirt@autodesk.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| AutoCAD | =2019 | |
| AutoCAD | =2020 | |
| AutoCAD | =2021 | |
| AutoCAD | =2022 | |
| Autodesk AutoCAD LT for macOS | =2022 | |
| AutoCAD | =2023 | |
| Autodesk AutoCAD Advance Steel | =2019 | |
| Autodesk AutoCAD Advance Steel | =2020 | |
| Autodesk AutoCAD Advance Steel | =2021 | |
| Autodesk AutoCAD Advance Steel | =2022 | |
| Autodesk AutoCAD Advance Steel | =2023 | |
| AutoCAD | =2019 | |
| AutoCAD | =2020 | |
| AutoCAD | =2021 | |
| AutoCAD | =2022 | |
| AutoCAD | =2023 | |
| Autodesk Civil 3D | =2019 | |
| Autodesk Civil 3D | =2020 | |
| Autodesk Civil 3D | =2021 | |
| Autodesk Civil 3D | =2022 | |
| Autodesk Civil 3D | =2023 | |
| AutoCAD | =2019 | |
| AutoCAD | =2020 | |
| AutoCAD | =2021 | |
| AutoCAD | =2022 | |
| AutoCAD | =2023 | |
| AutoCAD LT | =2019 | |
| AutoCAD LT | =2020 | |
| AutoCAD LT | =2021 | |
| AutoCAD LT | =2022 | |
| Autodesk AutoCAD LT for macOS | =2022 | |
| AutoCAD LT | =2023 | |
| AutoCAD | =2019 | |
| AutoCAD | =2020 | |
| AutoCAD | =2021 | |
| AutoCAD | =2022 | |
| AutoCAD | =2023 | |
| AutoCAD | =2019 | |
| AutoCAD | =2020 | |
| AutoCAD | =2021 | |
| AutoCAD | =2022 | |
| AutoCAD | =2023 | |
| AutoCAD | =2019 | |
| AutoCAD | =2020 | |
| AutoCAD | =2021 | |
| AutoCAD | =2022 | |
| AutoCAD | =2023 | |
| AutoCAD | =2019 | |
| AutoCAD | =2020 | |
| AutoCAD | =2021 | |
| AutoCAD | =2022 | |
| AutoCAD | =2023 | |
| Autodesk Design Review 2011 | =2018 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-42933?
CVE-2022-42933 is a memory corruption vulnerability in Autodesk AutoCAD and related software versions 2019 through 2023, and Autodesk Design Review 2018.
How severe is CVE-2022-42933?
CVE-2022-42933 has a severity score of 7.8, which is considered high.
Which software versions are affected by CVE-2022-42933?
Autodesk AutoCAD versions 2019 through 2023, and Autodesk Design Review 2018 are affected by CVE-2022-42933.
What is the vulnerability in Autodesk AutoCAD?
The vulnerability in Autodesk AutoCAD is a memory corruption vulnerability that can be triggered by consuming a malicious crafted .dwf or .pct file using the DesignReview.exe application.
Is there a fix available for CVE-2022-42933?
Yes, users should apply the necessary security patch provided by Autodesk to fix CVE-2022-42933.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/remedy
- agent/weakness
- agent/severity
- agent/author
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/autodesk
- canonical/autocad
- version/autocad/2019
- version/autocad/2020
- version/autocad/2021
- version/autocad/2022
- canonical/autodesk autocad lt for macos
- version/autodesk autocad lt for macos/2022
- version/autocad/2023
- canonical/autodesk autocad advance steel
- version/autodesk autocad advance steel/2019
- version/autodesk autocad advance steel/2020
- version/autodesk autocad advance steel/2021
- version/autodesk autocad advance steel/2022
- version/autodesk autocad advance steel/2023
- canonical/autodesk civil 3d
- version/autodesk civil 3d/2019
- version/autodesk civil 3d/2020
- version/autodesk civil 3d/2021
- version/autodesk civil 3d/2022
- version/autodesk civil 3d/2023
- canonical/autocad lt
- version/autocad lt/2019
- version/autocad lt/2020
- version/autocad lt/2021
- version/autocad lt/2022
- version/autocad lt/2023
- canonical/autodesk design review 2011
- version/autodesk design review 2011/2018