CVE-2021-40157

A user may be tricked into opening a malicious FBX file which may exploit an Untrusted Pointer Dereference vulnerability in FBXs Review version 1.5.0 and prior causing it to run arbitrary code on the system.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
autodeskCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
VendorProductVersion
autodeskfbx_review
𝑥
≤ 1.5.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001
https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001