cvedb.io
CVE-2021-40156
HIGH · CVSS 7.8
EPSS exploitation probability: 0%
Published 2021-09-15T17:15:10.693 · Last modified 2026-06-17T04:06:36.420

Summary

A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to write beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code.

Affected products

autodesk — navisworks

Does this affect you?

Add your gear to cvedb and we'll alert you only when autodesk ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.