CVE-2022-33888

A malicious crafted Dwg2Spd file when processed through Autodesk DWG application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

Published: Oct 3, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-33888
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
autodesk / autocad	2022	2022.1.3
autodesk / autocad	2023	2023.1.1
autodesk / autocad_advance_steel	2022	2022.1.3
autodesk / autocad_advance_steel	2023	2023.1.1
autodesk / autocad_architecture	2022	2022.1.3
autodesk / autocad_architecture	2023	2023.1.1
autodesk / autocad_civil_3d	2022	2022.1.3
autodesk / autocad_civil_3d	2023	2023.1.1
autodesk / autocad_electrical	2022	2022.1.3
autodesk / autocad_electrical	2023	2023.1.1
autodesk / autocad_lt	2022	2022.1.3
autodesk / autocad_lt	2023	2023.1.1
autodesk / autocad_map_3d	2022	2022.1.3
autodesk / autocad_map_3d	2023	2023.1.1
autodesk / autocad_mechanical	2022	2022.1.3
autodesk / autocad_mechanical	2023	2023.1.1
autodesk / autocad_mep	2022	2022.1.3
autodesk / autocad_mep	2023	2023.1.1
autodesk / autocad_plant_3d	2022	2022.1.3
autodesk / autocad_plant_3d	2023	2023.1.1

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020

Vulnerability Database

289,697

CVE-2022-33888