QwikSec

Security Database

CVE

CWE

Training

CVE-2021-27040

Published: Jun 25, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

A maliciously crafted DWG file can be forced to read beyond allocated boundaries when parsing the DWG file. This vulnerability can be exploited to execute arbitrary code.

Vendor	Product	Versions
n/a	Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D	affected `2022, 2021, 2020, 2019`

References

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0004

x_refsource_MISC

https://www.zerodayinitiative.com/advisories/ZDI-21-1238/

x_refsource_MISC

https://www.zerodayinitiative.com/advisories/ZDI-21-1236/

x_refsource_MISC

https://www.zerodayinitiative.com/advisories/ZDI-22-378/

x_refsource_MISC

https://www.zerodayinitiative.com/advisories/ZDI-22-473/

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.