First published: Mon Apr 17 2023(Updated: )
A user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution.
Credit: psirt@autodesk.com
Affected Software | Affected Version | How to fix |
---|---|---|
Autodesk FBX Software Development Kit | >=2020.0<2020.3.4 | |
=17.2 | ||
=5 | ||
=15.9 | ||
=3 | ||
=17.4 | ||
=16.11 | ||
=17.0 | ||
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-27911 is a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior.
Visual Studio 2022 (version 17.2), Visual Studio 2017 (includes 15.0 - 15.8), Visual Studio 2015, Visual Studio 2022 (version 17.4), Visual Studio 2022 (version 17.0), Visual Studio 2013, Visual Studio 2019 (includes 16.0 - 16.10), Office LTSC 2021 for 32-bit editions, Office 2019 for 64-bit editions, Office LTSC 2021 for 64-bit editions, Microsoft 365 Apps for Enterprise (x86), Office 2019 for 32-bit editions, Microsoft 365 Apps for Enterprise (x86_64), and Microsoft 3D Viewer are affected by CVE-2023-27911.
CVE-2023-27911 has a severity rating of high (7).
You can find the necessary patches or updates for Visual Studio 2022 (version 17.2) at [this URL](https://my.visualstudio.com/Downloads?q=Visual Studio 2022 version 17.2).
You can find the necessary patches or updates for Visual Studio 2019 (includes 16.0 - 16.10) at [this URL](https://my.visualstudio.com/Downloads?q=Visual Studio 2019 version 16.11).