Note: Specifically for files using external references (Xrefs), DWG TrueView creates temporary copies of referenced DWGs for quicker access. The storage providers are able to disclose additional information about the caching process. It may be suggested to replace the affected object with an alternative product. DWG TrueView just uses the cached files from the Windows location in which these storage providers store them. There is no information about possible countermeasures known. The current price for an exploit might be approx. There are neither technical details nor an exploit publicly available. Successful exploitation requires user interaction by the victim. This vulnerability is traded as CVE-2022-25797 since. This is going to have an impact on confidentiality, integrity, and availability. The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
The manipulation with an unknown input leads to a memory corruption vulnerability. Affected is some unknown functionality of the component DWG File Handler. A high score indicates an elevated risk to be targeted for this vulnerability.Ī vulnerability was found in Autodesk TrueView 2021 and TrueView 2022 ( version unknown). The CTI Interest Score identifies the interest of attackers and the security community for this specific vulnerability in real-time. Our Cyber Threat Intelligence team is monitoring different web sites, mailing lists, exploit markets and social media networks.