CVE-2021-40166

A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary code.

Published: Oct 7, 2022
Updated: Apr 14, 2023
CVE: CVE-2021-40166
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-416

Affected Software
References

Software	From	Fixed in
autodesk / revit	2022	2022.x
autodesk / inventor	2022	2022.2
autodesk / autocad	2022	2022.1.2
autodesk / autocad_architecture	2022	2022.1.2
autodesk / autocad_electrical	2022	2022.1.2
autodesk / autocad_map_3d	2022	2022.1.2
autodesk / autocad_mechanical	2022	2022.1.2
autodesk / autocad_mep	2022	2022.1.2
autodesk / autocad_plant_3d	2022	2022.1.2
autodesk / autocad_lt	2022	2022.1.2
autodesk / design_review	2018-hotfix	2018-hotfix.x
autodesk / design_review	2018-hotfix2	2018-hotfix2.x
autodesk / design_review	2018-hotfix3	2018-hotfix3.x
autodesk / design_review	2018	2018.x
autodesk / dwg_trueview	2022	2022.1.1
autodesk / navisworks	2022	2022.2
autodesk / autocad	2019	2019.1.4
autodesk / autocad	2020	2020.1.5
autodesk / autocad	2021	2021.1.2
autodesk / autocad_architecture	2019	2019.1.4
autodesk / autocad_architecture	2020	2020.1.5
autodesk / autocad_architecture	2021	2021.1.2
autodesk / autocad_electrical	2019	2019.1.4
autodesk / autocad_electrical	2020	2020.1.5
autodesk / autocad_electrical	2021	2021.1.2
autodesk / autocad_map_3d	2021	2021.1.2
autodesk / autocad_map_3d	2020	2020.1.5
autodesk / autocad_map_3d	2019	2019.1.4
autodesk / autocad_mechanical	2019	2019.1.4
autodesk / autocad_mechanical	2020	2020.1.5
autodesk / autocad_mechanical	2021	2021.1.2
autodesk / autocad_mep	2021	2021.1.2
autodesk / autocad_mep	2020	2020.1.5
autodesk / autocad_mep	2019	2019.1.4
autodesk / autocad_plant_3d	2019	2019.1.4
autodesk / autocad_plant_3d	2020	2020.1.5
autodesk / autocad_plant_3d	2021	2021.1.2
autodesk / autocad_lt	2021	2021.1.2
autodesk / autocad_lt	2020	2020.1.5
autodesk / autocad_lt	2019	2019.1.4
autodesk / dwg_trueview	2019	2019.1.4
autodesk / dwg_trueview	2020	2020.1.5
autodesk / dwg_trueview	2021	2021.1.2
autodesk / autocad_lt	2022	2022.2.2
autodesk / infraworks	2019.3-hotfix_1	2019.3-hotfix_1.x
autodesk / infraworks	2019.3-hotfix_2	2019.3-hotfix_2.x
autodesk / infraworks	2019.3-hotfix_3	2019.3-hotfix_3.x
autodesk / infraworks	2019.3	2019.3.x
autodesk / infraworks	2019	2019.3
autodesk / infraworks	2020	2020.2
autodesk / infraworks	2020.2-hotfix_1	2020.2-hotfix_1.x
autodesk / infraworks	2020.2-hotfix_2	2020.2-hotfix_2.x
autodesk / infraworks	2020.2	2020.2.x
autodesk / infraworks	2021.2-hotfix_1	2021.2-hotfix_1.x
autodesk / infraworks	2021.2-hotfix_2	2021.2-hotfix_2.x
autodesk / infraworks	2021.2	2021.2.x
autodesk / infraworks	2021	2021.2
autodesk / infraworks	2022.0-hotfix_1	2022.0-hotfix_1.x
autodesk / infraworks	2022.1	2022.1.x
autodesk / inventor	2021	2021.4
autodesk / inventor	2020	2020.5
autodesk / inventor	2019	2019.6
autodesk / revit	2021	2021.1.5
autodesk / revit	2020	2020.2.6
autodesk / revit	2019	2019.2.4
autodesk / autocad_lt	2021	2021.2.2
autodesk / autocad_civil_3d	2021	2021.1.2
autodesk / autocad_civil_3d	2022	2022.1.2
autodesk / autocad_civil_3d	2020	2020.1.5
autodesk / autocad_civil_3d	2019	2019.1.4
autodesk / autocad_advance_steel	2022	2022.1.2
autodesk / autocad_advance_steel	2021	2021.1.2
autodesk / autocad_advance_steel	2020	2020.1.5
autodesk / autocad_advance_steel	2019	2019.1.4
autodesk / autocad_lt	2020	2020.3.2
autodesk / infraworks	2022.0	2022.0.x
autodesk / storm_and_sanitary_analysis	2021	2021.3.1
autodesk / storm_and_sanitary_analysis	2020	2020.3.1
autodesk / storm_and_sanitary_analysis	2022	2022.x
autodesk / infrastructure_parts_editor	2022	2022.x
autodesk / infrastructure_parts_editor	2021	2021.x
autodesk / infrastructure_parts_editor	2020	2020.0.2
autodesk / navisworks	2021	2021.4
autodesk / navisworks	2020	2020.5
autodesk / fusion	2.0.10356	2.0.11405
autodesk / infrastructure_parts_editor	2019	2019.2.2
autodesk / navisworks	2019	2019.7
autodesk / storm_and_sanitary_analysis	2019	2019.x

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011

Vulnerability Database

289,599

CVE-2021-40166