CVE-2022-27526
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
Un archivo TGA diseñado de forma maliciosa cuando es consumido mediante la aplicación DesignReview.exe podría conllevar a una vulnerabilidad de corrupción de memoria. Esta vulnerabilidad, junto con otras, podría conllevar a una ejecución de código en el contexto del proceso actual
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-03-21 CVE Reserved
- 2022-04-18 CVE Published
- 2024-08-03 CVE Updated
- 2024-11-22 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004 | 2022-04-25 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2011 Search vendor "Autodesk" for product "Design Review" and version "2011" | - |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2012 Search vendor "Autodesk" for product "Design Review" and version "2012" | - |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2013 Search vendor "Autodesk" for product "Design Review" and version "2013" | - |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2017 Search vendor "Autodesk" for product "Design Review" and version "2017" | - |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2018 Search vendor "Autodesk" for product "Design Review" and version "2018" | - |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2018 Search vendor "Autodesk" for product "Design Review" and version "2018" | hotfix |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2018 Search vendor "Autodesk" for product "Design Review" and version "2018" | hotfix2 |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2018 Search vendor "Autodesk" for product "Design Review" and version "2018" | hotfix3 |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2018 Search vendor "Autodesk" for product "Design Review" and version "2018" | hotfix4 |
Affected
| ||||||