CVE-2022-27523

7.1 HIGH

📋 TL;DR

A buffer over-read vulnerability in Autodesk TrueView 2022 allows attackers to expose sensitive information or cause application crashes by tricking users into opening malicious DWG files. Combined with other vulnerabilities, this could potentially lead to code execution. Users of Autodesk TrueView 2022 are affected.

💻 Affected Systems

Products:
  • Autodesk TrueView 2022
Versions: 2022 versions prior to the security update
Operating Systems: Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects TrueView 2022, not other Autodesk products or earlier TrueView versions.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Information disclosure leading to exposure of sensitive data, application crashes disrupting workflows, and potential code execution when combined with other vulnerabilities.

🟠 Likely Case: Application crashes and information disclosure from memory contents when users open malicious DWG files.

🟢 If Mitigated: Limited impact with proper file handling controls and user awareness preventing malicious file execution.

🌐 Internet-Facing: MEDIUM - Requires user interaction to open malicious files, but DWG files are commonly shared externally.
🏢 Internal Only: MEDIUM - Internal users could be targeted via email attachments or network shares containing malicious DWG files.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open malicious DWG files. No public exploit code has been reported.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Updated version via Autodesk security update

Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0007

Restart Required: Yes

Instructions:

1. Open Autodesk TrueView 2022.
2. Navigate to Help > Check for Updates.
3. Install available security updates.
4. Restart the application.

🔧 Temporary Workarounds

Restrict DWG file handling (applies to: all)

Configure the system to open DWG files only in trusted applications or sandboxed environments.

User awareness training (applies to: all)

Train users to open DWG files only from trusted sources.

🧯 If You Can't Patch

  • Restrict user permissions to limit potential damage from code execution
  • Implement application whitelisting to prevent unauthorized code execution

🔍 How to Verify

Check if Vulnerable:

Check Autodesk TrueView version in Help > About. If version is 2022 without security updates, it's vulnerable.

Check Version:

In TrueView: Help > About or check program properties in Windows

Verify Fix Applied:

Verify version has been updated and check that security updates are installed via the update manager.

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs from TrueView
  • Unexpected memory access errors in system logs

Network Indicators:

  • Unusual file downloads of DWG files from untrusted sources

SIEM Query:

source="*TrueView*" AND (event="Crash" OR event="Access Violation")
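As an added example that is not part of this advisory, the crash-log indicator above applied in Python to constructed Windows "Application Error" (Event ID 1000) records: it flags TrueView 2022 crashes whose exception code is an access violation and ignores other crashes. The executable, module and install-folder names in the samples are assumptions, not values from the advisory.

```python
import re

# Constructed sample messages shaped like Windows "Application Error" events
# (Event ID 1000). Binary, module and install-folder names are assumptions;
# the advisory names only the product, not its files.
SAMPLE_EVENTS = [
    "Faulting application name: dwgviewr.exe, version: 24.1.0.0, "
    "Faulting module name: acdb24.dll, Exception code: 0xc0000005, "
    "Faulting application path: C:\\Program Files\\Autodesk\\DWG TrueView 2022\\dwgviewr.exe",
    "Faulting application name: notepad.exe, version: 10.0.19041.1, "
    "Faulting module name: ntdll.dll, Exception code: 0xc0000005, "
    "Faulting application path: C:\\Windows\\System32\\notepad.exe",
    "Faulting application name: dwgviewr.exe, version: 24.1.0.0, "
    "Faulting module name: dwgviewr.exe, Exception code: 0xe0434352, "
    "Faulting application path: C:\\Program Files\\Autodesk\\DWG TrueView 2022\\dwgviewr.exe",
]

# NTSTATUS code Windows reports for an access violation, the page's
# "Access Violation" indicator; a read past the end of a buffer commonly ends here.
STATUS_ACCESS_VIOLATION = 0xC0000005

FIELD_RE = re.compile(r"(Faulting application name|Faulting module name|"
                      r"Exception code|Faulting application path): ([^,]+)")


def parse_event(message: str) -> dict:
    """Pull the crash fields out of one Event ID 1000 style message."""
    fields = {key: value.strip() for key, value in FIELD_RE.findall(message)}
    code = fields.get("Exception code")
    return {
        "app": fields.get("Faulting application name", ""),
        "module": fields.get("Faulting module name", ""),
        "path": fields.get("Faulting application path", ""),
        "code": int(code, 16) if code else None,
    }


def is_trueview_access_violation(event: dict) -> bool:
    """True when a TrueView 2022 process (matched on its install folder, an
    assumed name) died with an access violation; other crash codes are ignored."""
    return ("trueview 2022" in event["path"].lower()
            and event["code"] == STATUS_ACCESS_VIOLATION)


def find_trueview_access_violations(messages) -> list:
    """Return (app, module) for every record that matches the indicator."""
    events = (parse_event(m) for m in messages)
    return [(e["app"], e["module"]) for e in events if is_trueview_access_violation(e)]
```

A single hit is weak evidence on its own; correlate the faulting module and timestamp with a DWG file being opened shortly before the crash.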
