CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-27872

A maliciously crafted PDF file may be used to dereference a pointer for read or write operation while parsing PDF files in Autodesk Navisworks 2022. The vulnerability exists because the application fails to handle a crafted PDF file, which causes an unhandled exception. An attacker can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.8%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011

Products affected by CVE-2022-27872

Autodesk » Navisworks » Version: 2022

cpe:2.3:a:autodesk:navisworks:2022

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-27872

Products

Pricing

Contact Us