CVE-2021-27040 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	3.3 LOW	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
autodesk	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 55%

Vendor	Product	Version
autodesk	advance_steel	2019 ≤ 𝑥 < 2019.1.3
autodesk	advance_steel	2020 ≤ 𝑥 < 2020.1.4
autodesk	advance_steel	2021 ≤ 𝑥 < 2021.1.1
autodesk	advance_steel	2022 ≤ 𝑥 < 2022.0.1
autodesk	autocad	2019 ≤ 𝑥 < 2019.1.3
autodesk	autocad	2020 ≤ 𝑥 < 2020.1.4
autodesk	autocad	2021 ≤ 𝑥 < 2021.1.1
autodesk	autocad	2022 ≤ 𝑥 < 2022.0.1
autodesk	autocad_architecture	2019 ≤ 𝑥 < 2019.1.3
autodesk	autocad_architecture	2020 ≤ 𝑥 < 2020.1.4
autodesk	autocad_architecture	2021 ≤ 𝑥 < 2021.1.1
autodesk	autocad_architecture	2022 ≤ 𝑥 ≤ 2022.0.1
autodesk	autocad_electrical	2019 ≤ 𝑥 < 2019.1.3
autodesk	autocad_electrical	2020 ≤ 𝑥 < 2020.1.4
autodesk	autocad_electrical	2021 ≤ 𝑥 < 2021.1.1
autodesk	autocad_electrical	2022 ≤ 𝑥 < 2022.0.1
autodesk	autocad_lt	2019 ≤ 𝑥 < 2019.1.3
autodesk	autocad_lt	2020 ≤ 𝑥 < 2020.1.4
autodesk	autocad_lt	2021 ≤ 𝑥 < 2021.1.1
autodesk	autocad_lt	2022 ≤ 𝑥 < 2022.0.1
autodesk	autocad_map_3d	2019 ≤ 𝑥 < 2019.1.3
autodesk	autocad_map_3d	2020 ≤ 𝑥 < 2020.1.4
autodesk	autocad_map_3d	2021 ≤ 𝑥 < 2021.1.1
autodesk	autocad_map_3d	2022 ≤ 𝑥 < 2022.0.1
autodesk	autocad_mechanical	2019 ≤ 𝑥 < 2019.1.3
autodesk	autocad_mechanical	2020 ≤ 𝑥 < 2020.1.4
autodesk	autocad_mechanical	2021 ≤ 𝑥 < 2021.1.1
autodesk	autocad_mechanical	2022 ≤ 𝑥 < 2022.0.1
autodesk	autocad_mep	2019 ≤ 𝑥 < 2019.1.3
autodesk	autocad_mep	2020 ≤ 𝑥 < 2020.1.4
autodesk	autocad_mep	2021 ≤ 𝑥 < 2021.1.1
autodesk	autocad_mep	2022 ≤ 𝑥 < 2022.0.1
autodesk	autocad_plant_3d	2019 ≤ 𝑥 < 2019.1.3
autodesk	autocad_plant_3d	2020 ≤ 𝑥 < 2020.1.4
autodesk	autocad_plant_3d	2021 ≤ 𝑥 < 2021.1.1
autodesk	autocad_plant_3d	2022 ≤ 𝑥 < 2022.0.1
autodesk	civil_3d	2019 ≤ 𝑥 < 2019.1.3
autodesk	civil_3d	2020 ≤ 𝑥 < 2020.1.4
autodesk	civil_3d	2021 ≤ 𝑥 < 2021.1.1
autodesk	civil_3d	2022 ≤ 𝑥 < 2022.0.1
autodesk	dwg_trueview	2022 ≤ 𝑥 < 2022.1.1
iconics	genesis64	𝑥 ≤ 10.97
mitsubishielectric	mc_works64	𝑥 ≤ 4.04e

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-125 - Out-of-bounds Read
The software reads data past the end, or before the beginning, of the intended buffer.

References

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0004

https://www.zerodayinitiative.com/advisories/ZDI-21-1236/

https://www.zerodayinitiative.com/advisories/ZDI-21-1238/

https://www.zerodayinitiative.com/advisories/ZDI-22-378/

https://www.zerodayinitiative.com/advisories/ZDI-22-473/

https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0004

https://www.zerodayinitiative.com/advisories/ZDI-21-1236/

https://www.zerodayinitiative.com/advisories/ZDI-21-1238/

https://www.zerodayinitiative.com/advisories/ZDI-22-378/

https://www.zerodayinitiative.com/advisories/ZDI-22-473/