CVE-2022-42933
First published: Fri Oct 21 2022(Updated: )
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
Credit: psirt@autodesk.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Autodesk Autocad | =2019 | |
| Autodesk Autocad | =2020 | |
| Autodesk Autocad | =2021 | |
| Autodesk Autocad | =2022 | |
| Autodesk Autocad | =2022 | |
| Autodesk Autocad | =2023 | |
| Autodesk Autocad Advance Steel | =2019 | |
| Autodesk Autocad Advance Steel | =2020 | |
| Autodesk Autocad Advance Steel | =2021 | |
| Autodesk Autocad Advance Steel | =2022 | |
| Autodesk Autocad Advance Steel | =2023 | |
| Autodesk AutoCAD Architecture | =2019 | |
| Autodesk AutoCAD Architecture | =2020 | |
| Autodesk AutoCAD Architecture | =2021 | |
| Autodesk AutoCAD Architecture | =2022 | |
| Autodesk AutoCAD Architecture | =2023 | |
| Autodesk Autocad Civil 3d | =2019 | |
| Autodesk Autocad Civil 3d | =2020 | |
| Autodesk Autocad Civil 3d | =2021 | |
| Autodesk Autocad Civil 3d | =2022 | |
| Autodesk Autocad Civil 3d | =2023 | |
| Autodesk AutoCAD Electrical | =2019 | |
| Autodesk AutoCAD Electrical | =2020 | |
| Autodesk AutoCAD Electrical | =2021 | |
| Autodesk AutoCAD Electrical | =2022 | |
| Autodesk AutoCAD Electrical | =2023 | |
| Autodesk Autocad Lt | =2019 | |
| Autodesk Autocad Lt | =2020 | |
| Autodesk Autocad Lt | =2021 | |
| Autodesk Autocad Lt | =2022 | |
| Autodesk Autocad Lt | =2022 | |
| Autodesk Autocad Lt | =2023 | |
| Autodesk AutoCAD Map 3D | =2019 | |
| Autodesk AutoCAD Map 3D | =2020 | |
| Autodesk AutoCAD Map 3D | =2021 | |
| Autodesk AutoCAD Map 3D | =2022 | |
| Autodesk AutoCAD Map 3D | =2023 | |
| Autodesk AutoCAD Mechanical | =2019 | |
| Autodesk AutoCAD Mechanical | =2020 | |
| Autodesk AutoCAD Mechanical | =2021 | |
| Autodesk AutoCAD Mechanical | =2022 | |
| Autodesk AutoCAD Mechanical | =2023 | |
| Autodesk AutoCAD MEP | =2019 | |
| Autodesk AutoCAD MEP | =2020 | |
| Autodesk AutoCAD MEP | =2021 | |
| Autodesk AutoCAD MEP | =2022 | |
| Autodesk AutoCAD MEP | =2023 | |
| Autodesk AutoCAD Plant 3D | =2019 | |
| Autodesk AutoCAD Plant 3D | =2020 | |
| Autodesk AutoCAD Plant 3D | =2021 | |
| Autodesk AutoCAD Plant 3D | =2022 | |
| Autodesk AutoCAD Plant 3D | =2023 | |
| Autodesk Design Review | =2018 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-42933?
CVE-2022-42933 is a memory corruption vulnerability in Autodesk AutoCAD and related software versions 2019 through 2023, and Autodesk Design Review 2018.
How severe is CVE-2022-42933?
CVE-2022-42933 has a severity score of 7.8, which is considered high.
Which software versions are affected by CVE-2022-42933?
Autodesk AutoCAD versions 2019 through 2023, and Autodesk Design Review 2018 are affected by CVE-2022-42933.
What is the vulnerability in Autodesk AutoCAD?
The vulnerability in Autodesk AutoCAD is a memory corruption vulnerability that can be triggered by consuming a malicious crafted .dwf or .pct file using the DesignReview.exe application.
Is there a fix available for CVE-2022-42933?
Yes, users should apply the necessary security patch provided by Autodesk to fix CVE-2022-42933.
- collector/nvd-index
- vendor/autodesk
- canonical/autodesk autocad
- version/autodesk autocad/2019
- version/autodesk autocad/2020
- version/autodesk autocad/2021
- version/autodesk autocad/2022
- version/autodesk autocad/2023
- canonical/autodesk autocad advance steel
- version/autodesk autocad advance steel/2019
- version/autodesk autocad advance steel/2020
- version/autodesk autocad advance steel/2021
- version/autodesk autocad advance steel/2022
- version/autodesk autocad advance steel/2023
- canonical/autodesk autocad architecture
- version/autodesk autocad architecture/2019
- version/autodesk autocad architecture/2020
- version/autodesk autocad architecture/2021
- version/autodesk autocad architecture/2022
- version/autodesk autocad architecture/2023
- canonical/autodesk autocad civil 3d
- version/autodesk autocad civil 3d/2019
- version/autodesk autocad civil 3d/2020
- version/autodesk autocad civil 3d/2021
- version/autodesk autocad civil 3d/2022
- version/autodesk autocad civil 3d/2023
- canonical/autodesk autocad electrical
- version/autodesk autocad electrical/2019
- version/autodesk autocad electrical/2020
- version/autodesk autocad electrical/2021
- version/autodesk autocad electrical/2022
- version/autodesk autocad electrical/2023
- canonical/autodesk autocad lt
- version/autodesk autocad lt/2019
- version/autodesk autocad lt/2020
- version/autodesk autocad lt/2021
- version/autodesk autocad lt/2022
- version/autodesk autocad lt/2023
- canonical/autodesk autocad map 3d
- version/autodesk autocad map 3d/2019
- version/autodesk autocad map 3d/2020
- version/autodesk autocad map 3d/2021
- version/autodesk autocad map 3d/2022
- version/autodesk autocad map 3d/2023
- canonical/autodesk autocad mechanical
- version/autodesk autocad mechanical/2019
- version/autodesk autocad mechanical/2020
- version/autodesk autocad mechanical/2021
- version/autodesk autocad mechanical/2022
- version/autodesk autocad mechanical/2023
- canonical/autodesk autocad mep
- version/autodesk autocad mep/2019
- version/autodesk autocad mep/2020
- version/autodesk autocad mep/2021
- version/autodesk autocad mep/2022
- version/autodesk autocad mep/2023
- canonical/autodesk autocad plant 3d
- version/autodesk autocad plant 3d/2019
- version/autodesk autocad plant 3d/2020
- version/autodesk autocad plant 3d/2021
- version/autodesk autocad plant 3d/2022
- version/autodesk autocad plant 3d/2023
- canonical/autodesk design review
- version/autodesk design review/2018