Vulnerability Details CVE-2022-25796
A Double Free vulnerability allows remote malicious actors to execute arbitrary code on DWF file in Autodesk Navisworks 2022 within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.9%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
Products affected by CVE-2022-25796
-
cpe:2.3:a:autodesk:navisworks:2022
-
cpe:2.3:a:autodesk:navisworks:2022.1