CVE-2022-27864
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Una vulnerabilidad de Doble Liberación permite a atacantes remotos ejecutar código arbitrario mediante la aplicación DesignReview.exe en archivos PDF dentro de las instalaciones afectadas. Es requerida una interacción del usuario para explotar esta vulnerabilidad, ya que el objetivo debe visitar una página maliciosa o abrir un archivo malicioso
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-03-25 CVE Reserved
- 2022-07-29 CVE Published
- 2024-08-03 CVE Updated
- 2024-10-20 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-415: Double Free
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0009 | 2022-08-08 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2011 Search vendor "Autodesk" for product "Design Review" and version "2011" | - |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2012 Search vendor "Autodesk" for product "Design Review" and version "2012" | - |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2013 Search vendor "Autodesk" for product "Design Review" and version "2013" | - |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2017 Search vendor "Autodesk" for product "Design Review" and version "2017" | - |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2018 Search vendor "Autodesk" for product "Design Review" and version "2018" | - |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2018 Search vendor "Autodesk" for product "Design Review" and version "2018" | hotfix |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2018 Search vendor "Autodesk" for product "Design Review" and version "2018" | hotfix2 |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2018 Search vendor "Autodesk" for product "Design Review" and version "2018" | hotfix3 |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2018 Search vendor "Autodesk" for product "Design Review" and version "2018" | hotfix4 |
Affected
| ||||||
| Autodesk Search vendor "Autodesk" | Design Review Search vendor "Autodesk" for product "Design Review" | 2018 Search vendor "Autodesk" for product "Design Review" and version "2018" | hotfix5 |
Affected
| ||||||