Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2021-40159

An Information Disclosure vulnerability for JT files in Autodesk Inventor 2022, 2021, 2020, 2019 in conjunction with other vulnerabilities may lead to code execution through maliciously crafted JT files in the context of the current process.

Published

2022-01-25T20:15:08.327

Last Modified

2024-11-21T06:23:41.587

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

8.6

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-200
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application autodesk advance_steel < 2022.1.2 Yes
Application autodesk autocad < 2022.1.2 Yes
Application autodesk autocad_architecture < 2022.1.2 Yes
Application autodesk autocad_electrical < 2022.1.2 Yes
Application autodesk autocad_lt < 2022.1.2 Yes
Application autodesk autocad_map_3d < 2022.1.2 Yes
Application autodesk autocad_mechanical < 2022.1.2 Yes
Application autodesk autocad_mep < 2022.1.2 Yes
Application autodesk autocad_plant_3d < 2022.1.2 Yes
Application autodesk civil_3d < 2022.1.2 Yes
Application autodesk inventor 2019 Yes
Application autodesk inventor 2020 Yes
Application autodesk inventor 2021 Yes
Application autodesk inventor 2022 Yes
References