CVE-2021-27037
Last modified
CVE-2021-27037 is a high-severity vulnerability rated 7.8/10 on the CVSS scale. A maliciously crafted PNG, PDF or DWF file in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by remote malicious actors to execute arbitrary code.. EPSS estimates a 1.61% chance of exploitation in the next 30 days.
Description
A maliciously crafted PNG, PDF or DWF file in Autodesk Design Review 2018, 2017, 2013, 2012, 2011 can be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by remote malicious actors to execute arbitrary code.
Metrics
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Autodesk | Design Review | 2011 |
| Autodesk | Design Review | 2012 |
| Autodesk | Design Review | 2013 |
| Autodesk | Design Review | 2017 |
| Autodesk | Design Review | 2018 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2021-27037?
How severe is CVE-2021-27037?
How do I fix CVE-2021-27037?
Are you affected by CVE-2021-27037?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST