{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-42938", "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "assignerShortName": "autodesk", "dateUpdated": "2025-05-07T19:33:59.054Z", "dateReserved": "2022-10-14T00:00:00.000Z", "datePublished": "2022-10-21T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "shortName": "autodesk", "dateUpdated": "2022-10-21T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process."}], "affected": [{"vendor": "n/a", "product": "Autodesk Design Review", "versions": [{"version": "2018,\u00a02017,\u00a02013, 2012, 2011", "status": "affected"}]}], "references": [{"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Memory corruption vulnerability"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:19:05.532Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-787", "lang": "en", "description": "CWE-787 Out-of-bounds Write"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-05-07T19:33:17.033807Z", "id": "CVE-2022-42938", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-07T19:33:59.054Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:19:05.532Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-42938", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-05-07T19:33:17.033807Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-07T19:33:45.312Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "Autodesk Design Review", "versions": [{"status": "affected", "version": "2018,\u00a02017,\u00a02013, 2012, 2011"}]}], "references": [{"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004"}], "descriptions": [{"lang": "en", "value": "A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Memory corruption vulnerability"}]}], "providerMetadata": {"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "shortName": "autodesk", "dateUpdated": "2022-10-21T00:00:00.000Z"}}}, "cveMetadata": {"cveId": "CVE-2022-42938", "state": "PUBLISHED", "dateUpdated": "2025-05-07T19:33:59.054Z", "dateReserved": "2022-10-14T00:00:00.000Z", "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "datePublished": "2022-10-21T00:00:00.000Z", "assignerShortName": "autodesk"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:autodesk:autocad:2019:*:*:*:*:*:*:*", "matchCriteriaId": "411DC826-735A-4BEB-84BE-9250F97F612E", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad:2020:*:*:*:*:*:*:*", "matchCriteriaId": "E30E2562-D38E-4764-874E-5B2FCF5639E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*", "matchCriteriaId": "88B2C295-D091-4C1D-8285-4309967707BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*", "matchCriteriaId": "EACE09F2-A323-4E4B-9A35-4EBAE3864E6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:macos:*:*", "matchCriteriaId": "68FC54D1-B4FC-404E-9742-72F8340FE3C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*", "matchCriteriaId": "2241C287-9396-4AD8-B93C-3596394AB2D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:2019:*:*:*:*:*:*:*", "matchCriteriaId": "9B1CAD53-7C63-4E5D-BD2E-364A7A87AA1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:2020:*:*:*:*:*:*:*", "matchCriteriaId": "127F5A79-8E66-4ABD-8D88-8891C6D670D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*", "matchCriteriaId": "37D8982C-E506-4988-AA97-BDF1B1C3D71A", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*", "matchCriteriaId": "002AC200-6AE2-4817-91D3-957DA3AC9787", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*", "matchCriteriaId": "E881C720-E487-463E-A364-A1F9EC3C1D24", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2019:*:*:*:*:*:*:*", "matchCriteriaId": "9275E76C-2A79-462A-A9D3-D0B6BBCDD0CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2020:*:*:*:*:*:*:*", "matchCriteriaId": "B7DFA12E-48C5-47B9-BD9F-1AFACBF4E1EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*", "matchCriteriaId": "535A5D39-1C82-4301-9E5B-C9E0D75F38B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*", "matchCriteriaId": "316615EC-BC9F-4B6A-8163-EBECC480EFDE", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*", "matchCriteriaId": "546AFB2D-F78A-40C2-AC55-7D07EF0BDC7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2019:*:*:*:*:*:*:*", "matchCriteriaId": "AB3A878B-2142-404F-BCF4-BB508674C6C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2020:*:*:*:*:*:*:*", "matchCriteriaId": "64F2EC88-168D-4DD1-9ADA-3F9FA60D6E35", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*", "matchCriteriaId": "5D73C803-7567-4C1D-B62A-C3C52369022D", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*", "matchCriteriaId": "C5F77B03-3221-4564-B4FF-7BF7EEC1C5B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*", "matchCriteriaId": "C6E001C0-0D7B-44ED-BBE8-E6635C45F988", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2019:*:*:*:*:*:*:*", "matchCriteriaId": "A10DE5AF-1718-4899-9238-CFFDC72D05B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2020:*:*:*:*:*:*:*", "matchCriteriaId": "E388264D-D2D4-4BE4-9097-8F547D73ABE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*", "matchCriteriaId": "16611BAA-C200-4C8B-823F-1AB95F5E1317", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*", "matchCriteriaId": "E2DC5114-48D2-4D85-8E80-B4BCB0FD78F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*", "matchCriteriaId": "A2949D87-C1FA-43C3-8F1F-08ED7A64F302", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:2019:*:*:*:*:*:*:*", "matchCriteriaId": "03682B7E-1CF1-4456-A51F-A6ADFC177935", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:2020:*:*:*:*:*:*:*", "matchCriteriaId": "371C5F60-4959-40C7-93E1-A01510A95115", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:2021:*:*:*:*:*:*:*", "matchCriteriaId": "D83FB4C7-B374-4907-8E2B-EEE61C8339E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*", "matchCriteriaId": "601676EC-2EB4-45D0-B1AE-0980CBD68770", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:macos:*:*", "matchCriteriaId": "4A2EF334-E4E2-40DA-BD51-B74EE1E0ACCF", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*", "matchCriteriaId": "99924DDE-3D49-4D37-A361-69B28E7B94A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2019:*:*:*:*:*:*:*", "matchCriteriaId": "04E05510-B21B-4DDD-88D7-CEB8963E1AFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2020:*:*:*:*:*:*:*", "matchCriteriaId": "D4CD010A-FDBC-40F9-95AC-0CD8388B85D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*", "matchCriteriaId": "FC99E0F3-AA11-4390-A7C0-5BBFCDA94E3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*", "matchCriteriaId": "33AA60CF-611C-45FC-92F8-7517D87B1645", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*", "matchCriteriaId": "15A36E1F-964C-4DF2-91D1-D37ECEFC1C86", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2019:*:*:*:*:*:*:*", "matchCriteriaId": "19255CEC-6161-4D44-B87E-52E86DF4FBA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2020:*:*:*:*:*:*:*", "matchCriteriaId": "7147F378-DFB0-48A8-8B05-8777E1CC7F90", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*", "matchCriteriaId": "3B5C858C-4A01-4916-BE3E-B9056D67CF5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*", "matchCriteriaId": "7EB83A4A-D4C2-4509-BD49-15B9BBC7BF97", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*", "matchCriteriaId": "DCF7910A-432F-419E-96E0-25D638A6F298", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:2019:*:*:*:*:*:*:*", "matchCriteriaId": "3F608B1C-BA96-4EA8-A540-83870262CBC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:2020:*:*:*:*:*:*:*", "matchCriteriaId": "7CFAAD19-6248-42CB-B177-EC2E5141A953", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*", "matchCriteriaId": "1C52D90B-578B-4281-BF0E-B7CDA425ED05", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*", "matchCriteriaId": "4C8AD4F3-AA82-49F5-A18A-85127FDB8B95", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*", "matchCriteriaId": "DF8D9BA5-A043-42DB-A524-6728D3BF2B90", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2019:*:*:*:*:*:*:*", "matchCriteriaId": "4E536B0D-4C95-4589-981A-2F8A6C4B44DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2020:*:*:*:*:*:*:*", "matchCriteriaId": "3FBDD3AC-FA00-462F-AA13-5A75B5D50689", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*", "matchCriteriaId": "73E2E9E8-2269-4729-8D8F-3C26974F5FD2", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*", "matchCriteriaId": "452A1A75-C59A-43AB-9C43-BA49EB95C39C", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*", "matchCriteriaId": "07CB7F37-E6D4-40F3-85BA-EC060E923505", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*", "matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process."}, {"lang": "es", "value": "Un archivo TGA dise\u00f1ado de forma maliciosa cuando es consumido mediante la aplicaci\u00f3n DesignReview.exe podr\u00eda conllevar a una vulnerabilidad de corrupci\u00f3n de memoria. Esta vulnerabilidad, junto con otras, podr\u00eda conllevar a una ejecuci\u00f3n de c\u00f3digo en el contexto del proceso actual"}], "id": "CVE-2022-42938", "lastModified": "2025-05-07T20:15:23.003", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2022-10-21T16:15:11.823", "references": [{"source": "psirt@autodesk.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0004"}], "sourceIdentifier": "psirt@autodesk.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{}