Login Sign Up

CVE-2021-40155

7.8 HIGH
Remote Code Execution

📋 TL;DR

This vulnerability allows arbitrary code execution through maliciously crafted DWG files in Autodesk Navisworks. Attackers can exploit an out-of-bounds read vulnerability to potentially take control of affected systems. Users of Autodesk Navisworks 2019-2022 who open untrusted DWG files are at risk.

💻 Affected Systems

Products:
  • Autodesk Navisworks
Versions: 2019, 2020, 2021, 2022
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of affected versions are vulnerable when processing DWG files.

📦 What is this software?

Navisworks by Autodesk

View all CVEs affecting Navisworks →

Navisworks by Autodesk

View all CVEs affecting Navisworks →

Navisworks by Autodesk

View all CVEs affecting Navisworks →

Navisworks by Autodesk

View all CVEs affecting Navisworks →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with attacker gaining full control over the affected workstation, potentially leading to lateral movement within the network.

🟠

Likely Case

Local privilege escalation or remote code execution when users open malicious DWG files, resulting in data theft or malware installation.

🟢

If Mitigated

Limited impact with proper file validation and user awareness, potentially causing application crashes but no code execution.

🌐 Internet-Facing: LOW - Requires user interaction to open malicious files, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Internal users could be targeted via phishing or malicious attachments, requiring user interaction.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open malicious DWG file. No public exploit code available as per references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patches available through Autodesk Desktop App or manual download

Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0009

Restart Required: Yes

Instructions:

1. Open Autodesk Desktop App 2. Check for updates 3. Install available security updates for Navisworks 4. Restart computer if prompted

🔧 Temporary Workarounds

Restrict DWG file handling

windows

Configure system to open DWG files with alternative software or in protected viewer mode

User awareness training

all

Educate users to only open DWG files from trusted sources

🧯 If You Can't Patch

  • Implement application whitelisting to prevent unauthorized execution
  • Use network segmentation to isolate Navisworks workstations

🔍 How to Verify

Check if Vulnerable:

Check Navisworks version in Help > About. If version is 2019-2022 without latest patches, system is vulnerable.

Check Version:

In Navisworks: Help > About or check registry: HKEY_LOCAL_MACHINE\SOFTWARE\Autodesk\Navisworks

Verify Fix Applied:

Verify version has been updated through Autodesk Desktop App or check patch installation in Windows Programs and Features.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when opening DWG files
  • Unusual process creation from Navisworks

Network Indicators:

  • Outbound connections from Navisworks to unusual destinations

SIEM Query:

EventID=1000 Source=Navisworks.exe OR ProcessCreation ParentImage=*Navisworks.exe

📊 Metadata

CVE ID: CVE-2021-40155
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-125
Published: September 15, 2021
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-40155, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)