CVE-2022-33885 – Autodesk AutoCAD X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2022-33885

A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution. Un archivo X_B, CATIA y PDF diseñado de forma maliciosa cuando es analizado mediante Autodesk AutoCAD versiones 2023 y 2022, puede usarse para escribir más allá del búfer asignado. Esta vulnerabilidad puede conllevar a una ejecución de código arbitrario This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of X_B files. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020 • CWE-787: Out-of-bounds Write •