CVE-2022-27872 – This vulnerability in Autodesk Navisworks 2022 ... (How to Fix)

Q: What is the severity of CVE-2022-27872?

CVE-2022-27872 has a CVSS score of 7.8 (HIGH). This vulnerability in Autodesk Navisworks 2022 allows attackers to craft malicious PDF files that cause pointer dereference issues during parsing, potentially leading to crashes, sensitive data exposure, or arbitrary code execution. Users of Autodesk Navisworks 2022 who open untrusted PDF files are affected.

📋 TL;DR

This vulnerability in Autodesk Navisworks 2022 allows attackers to craft malicious PDF files that cause pointer dereference issues during parsing, potentially leading to crashes, sensitive data exposure, or arbitrary code execution. Users of Autodesk Navisworks 2022 who open untrusted PDF files are affected.

💻 Affected Systems

Products:

Autodesk Navisworks

Versions: 2022 versions prior to the security update

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability requires user interaction to open a malicious PDF file

📦 What is this software?

Navisworks by Autodesk

View all CVEs affecting Navisworks →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with SYSTEM/administrator privileges leading to complete system compromise

🟠

Likely Case

Application crash or denial of service with potential information disclosure

🟢

If Mitigated

Limited impact with proper patching and user awareness about opening untrusted files

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires user interaction to open malicious PDF; no public exploit code available

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2022.2.1 or later

Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011

Restart Required: Yes

Instructions:

1. Open Autodesk Navisworks 2022. 2. Navigate to Help > About. 3. Check version is 2022.2.1 or higher. 4. If not, download and install the latest update from Autodesk Account portal or through the Autodesk Desktop App.

🔧 Temporary Workarounds

Restrict PDF file handling

windows

Configure Navisworks to not automatically open PDF files or restrict PDF file handling through external applications

User awareness training

all

Train users to only open PDF files from trusted sources and verify file integrity

🧯 If You Can't Patch

Implement application whitelisting to prevent execution of malicious code
Use network segmentation to isolate Navisworks systems from critical assets

🔍 How to Verify

Check if Vulnerable:

Check Navisworks version: Open Navisworks > Help > About. If version is earlier than 2022.2.1, system is vulnerable.

Check Version:

Not applicable - check through GUI Help > About menu

Verify Fix Applied:

Verify version is 2022.2.1 or later in Help > About dialog

📡 Detection & Monitoring

Log Indicators:

Application crash logs from Navisworks
Windows Event Logs showing application failures

Network Indicators:

Unusual PDF file transfers to Navisworks users
Outbound connections from Navisworks process post-PDF opening

SIEM Query:

EventID=1000 OR EventID=1001 AND ProcessName="*navisworks*" AND ExceptionCode="0xc0000005"

📊 Metadata

CVE ID: CVE-2022-27872

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-755

Published: June 21, 2022

Last Updated: November 21, 2024

🔗 References

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011 Vendor Advisory
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0011 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-27872, you might also want to check these: