CVE-2022-33883

Опубликовано: 03 окт. 2022

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

A malicious crafted file consumed through Moldflow Synergy, Moldflow Adviser, Moldflow Communicator, and Advanced Material Exchange applications could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

Ссылки

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0019
Vendor Advisory
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0019
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:autodesk:advanced_material_exchange:2019:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:advanced_material_exchange:2021:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:moldflow_adviser:2019:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:moldflow_adviser:2021:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:moldflow_communicator:2019:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:moldflow_communicator:2021:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:moldflow_synergy:2019:*:*:*:*:*:*:*

cpe:2.3:a:autodesk:moldflow_synergy:2021:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00059

Низкий

7.8 High

CVSS3

Дефекты

CWE-787

Связанные уязвимости

GHSA-m5vf-pfhq-wc74