CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-40156

A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to write beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.9%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0009
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0009

Products affected by CVE-2021-40156

Autodesk » Navisworks » Version: 2019

cpe:2.3:a:autodesk:navisworks:2019
Autodesk » Navisworks » Version: 2020

cpe:2.3:a:autodesk:navisworks:2020
Autodesk » Navisworks » Version: 2021

cpe:2.3:a:autodesk:navisworks:2021
Autodesk » Navisworks » Version: 2022

cpe:2.3:a:autodesk:navisworks:2022

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-40156

Products

Pricing

Contact Us