CVE-2022-27873

7.8 HIGH
XXE

📋 TL;DR

This vulnerability in Autodesk Fusion 360 allows attackers to force victims' devices to make arbitrary HTTP requests through malicious SVG files. Attackers can also obtain victims' public IP addresses and potentially other sensitive information. Users of affected Autodesk Fusion 360 versions are at risk.

💻 Affected Systems

Products:
  • Autodesk Fusion 360
Versions: prior to 2.0.15015
Operating Systems: Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the 'Insert SVG' feature when parsing SVG files.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attacker gains full control over victim's network traffic, exfiltrates sensitive data, and uses victim's device as proxy for attacks on internal systems.

🟠 Likely Case

Attacker obtains victim's public IP address and forces device to make unwanted HTTP requests, potentially revealing network information.

🟢 If Mitigated

Limited information disclosure with no significant impact due to network segmentation and proper security controls.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires user interaction to open malicious SVG file.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.0.15015 and later

Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0013

Restart Required: Yes

Instructions:

1. Open Autodesk Fusion 360.
2. Go to Help menu.
3. Select 'Check for Updates'.
4. Install version 2.0.15015 or later.
5. Restart the application.

🔧 Temporary Workarounds

Disable SVG Insertion

all

Prevent users from inserting SVG files into Fusion 360 documents

Network Segmentation

all

Restrict Fusion 360 network access to prevent external HTTP requests

🧯 If You Can't Patch

  • Educate users to never open SVG files from untrusted sources
  • Implement application whitelisting to restrict SVG file execution
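
One way to screen SVG files before they reach the 'Insert SVG' feature on unpatched installs is to flag any DTD or entity declaration in the file prolog, since XXE depends on those constructs. This is an added example, not vendor or Autodesk code; the function names, the block/review/allow policy and the sample files are assumptions made for illustration.

```python
import xml.parsers.expat

class _StopAtRoot(Exception):
    """Raised at the root element: any DTD sits before it, so parsing can stop."""

def dtd_findings(svg_bytes):
    """Return (kind, name, system_id) for each DTD construct in the SVG prolog."""
    findings = []
    # No external-entity handler is installed, so this parser fetches nothing.
    parser = xml.parsers.expat.ParserCreate()

    def on_doctype(name, system_id, public_id, has_internal_subset):
        findings.append(("doctype", name, system_id))

    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        kind = "external-entity" if system_id else "internal-entity"
        findings.append((kind, name, system_id))

    def on_root(name, attrs):
        raise _StopAtRoot  # skip element content, so no entity is ever expanded

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    parser.StartElementHandler = on_root
    try:
        parser.Parse(svg_bytes, True)
    except _StopAtRoot:
        pass
    except xml.parsers.expat.ExpatError as exc:
        findings.append(("malformed", str(exc), None))
    return findings

def verdict(svg_bytes):
    """Hypothetical triage policy: 'block', 'review' or 'allow'."""
    kinds = {kind for kind, _, _ in dtd_findings(svg_bytes)}
    if kinds & {"external-entity", "malformed"}:
        return "block"
    return "review" if kinds else "allow"

# Constructed samples (not taken from any real file or from the advisory).
CLEAN = b'<svg xmlns="http://www.w3.org/2000/svg"><rect width="4" height="4"/></svg>'
LEGACY = (b'<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" '
          b'"http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">\n<svg/>')
FLAGGED = (b'<!DOCTYPE svg [ <!ENTITY ext SYSTEM "http://host.example.invalid/x"> ]>\n'
           b'<svg xmlns="http://www.w3.org/2000/svg"/>')

if __name__ == "__main__":
    for label, data in (("clean", CLEAN), ("legacy", LEGACY), ("flagged", FLAGGED)):
        print(label, verdict(data), dtd_findings(data))
```

The "review" verdict covers files such as older editor exports that carry only the standard SVG DOCTYPE; whether to allow those is a local policy decision.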

🔍 How to Verify

Check if Vulnerable:

Check Fusion 360 version in Help > About. If version is below 2.0.15015, system is vulnerable.

Check Version:

Not applicable - check through application GUI

Verify Fix Applied:

Confirm version is 2.0.15015 or higher in Help > About menu.

📡 Detection & Monitoring

Log Indicators:

  • Unusual outbound HTTP requests from Fusion 360 process
  • Multiple SVG file parsing errors

Network Indicators:

  • Unexpected HTTP traffic from Fusion 360 to external domains
  • SVG file downloads followed by outbound requests

SIEM Query:

process_name='Fusion360.exe' AND (destination_port=80 OR destination_port=443) AND NOT destination_ip IN [allowed_domains]
