Vulnerability Details CVE-2021-27030
A user may be tricked into opening a malicious FBX file which may exploit a Directory Traversal Remote Code Execution vulnerability in FBX’s Review causing it to run arbitrary code on the system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.553
EPSS Ranking 98.1%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
References
- https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001
- https://www.zerodayinitiative.com/advisories/ZDI-21-1070/
- https://www.zerodayinitiative.com/advisories/ZDI-21-466/
- https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001
- https://www.zerodayinitiative.com/advisories/ZDI-21-1070/
- https://www.zerodayinitiative.com/advisories/ZDI-21-466/
Products affected by CVE-2021-27030
-
cpe:2.3:a:autodesk:fbx_review:-
-
cpe:2.3:a:autodesk:fbx_review:1.4.0
-
cpe:2.3:a:autodesk:fbx_review:1.4.1.0
-
cpe:2.3:a:autodesk:fbx_review:1.5.0