CVE-2019-7364 Information

Feb 14, 2021 cve

Description

DLL preloading vulnerability in versions 2017 2018 2019 and 2020 of Autodesk Advanced Steel Civil 3D AutoCAD AutoCAD LT AutoCAD Architecture AutoCAD Electrical AutoCAD Map 3D AutoCAD Mechanical AutoCAD MEP AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Reference

https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0002

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8

Share on: