Fortinet Discovers AutoDesk Design Review Memory Corruption Vulnerability
Fortinet's FortiGuard Labs has discovered a Memory Corruption vulnerability in Autodesk Design Review.
Autodesk Design Review is a CAD viewer software that lets you view, mark up, print, and track changes to 2D and 3D files for free without the original design software.
A memory corruption vulnerability has been discovered in AutoDesk Design Review by FortiGuard Labs. The vulnerability is caused by a crafted PCT file which causes an out-of-bounds memory access. It could allow malicious users to create sensitive information leak scenarios.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Jul 21, 2022
Users should apply the solution provided by AutoDesk.
Fortinet reported the vulnerability to Autodesk on May 21, 2022.
Autodesk confirmed the vulnerability on July 15, 2022.