CVE-2022-42946

Published: Dic 19, 2022 Last Modified: Apr 17, 2025 EU-VD ID: EUVD-2022-46002 Aliases: GSD-2022-42946

ExploitDB:

Other exploit source:

Google Dorks:

HIGH 7,1

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: none

User Interaction: required

Scope: unchanged

Confidentiality: high

Integrity: none

Availability: high

Description

AI Translation Available

Parsing a maliciously crafted X_B and PRT file can force Autodesk Maya 2023 and 2022 to read beyond allocated buffer. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0013

Percentile

0,3th

Updated

EPSS Score Trend (Last 90 Days)

125

Out-of-bounds Read

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Confidentiality Availability Other

Potential Impacts:

Read Memory Bypass Protection Mechanism Dos: Crash, Exit, Or Restart Varies By Context

Applicable Platforms

Languages: C, C++, Memory-Unsafe

Technologies: ICS/OT

View CWE Details

787

Out-of-bounds Write

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Integrity Availability Other

Potential Impacts:

Modify Memory Execute Unauthorized Code Or Commands Dos: Crash, Exit, Or Restart Unexpected State

Applicable Platforms

Languages: Assembly, C, C++, Memory-Unsafe

Technologies: ICS/OT

Likelihood of Exploit: High

View CWE Details

Application

Maya by Autodesk

Product Information

Vendor Autodesk

Product Maya

Version 2023

CPE Identifier

View Detailed Analysis


                  cpe:2.3:a:autodesk:maya:2023:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://www.autodesk.com/trust/security-advisories/adsk-sa-…

Vendor Advisory

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020

https://www.autodesk.com/trust/security-advisories/adsk-sa-…

Vendor Advisory

https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0020

CVE-2022-42946

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 90 Days)

Out-of-bounds Read

Common Consequences

Applicable Platforms

Out-of-bounds Write

Common Consequences

Applicable Platforms

Maya by Autodesk

Product Information

Iscriviti alla newsletter