Unknown
CVE-2019-7364
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
Add References:
Unknown
(0 users assessed)
Unknown
(0 users assessed)Unknown
Unknown
Unknown
MITRE ATT&CK
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation
Topic Tags
Description
DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of Autodesk Advanced Steel, Civil 3D, AutoCAD, AutoCAD LT, AutoCAD Architecture, AutoCAD Electrical, AutoCAD Map 3D, AutoCAD Mechanical, AutoCAD MEP, AutoCAD Plant 3D and version 2017 of AutoCAD P&ID. An attacker may trick a user into opening a malicious DWG file that may leverage a DLL preloading vulnerability in AutoCAD which may result in code execution.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
General Information
Vendors
Products
- advance steel 2017,
- advance steel 2018,
- advance steel 2019,
- advance steel 2020,
- autocad 2017,
- autocad 2018,
- autocad 2019,
- autocad 2020,
- autocad architecture 2017,
- autocad architecture 2018,
- autocad architecture 2019,
- autocad architecture 2020,
- autocad electrical 2017,
- autocad electrical 2018,
- autocad electrical 2019,
- autocad electrical 2020,
- autocad lt 2017,
- autocad lt 2018,
- autocad lt 2019,
- autocad lt 2020,
- autocad map 3d 2017,
- autocad map 3d 2018,
- autocad map 3d 2019,
- autocad map 3d 2020,
- autocad mechanical 2017,
- autocad mechanical 2018,
- autocad mechanical 2019,
- autocad mechanical 2020,
- autocad mep 2017,
- autocad mep 2018,
- autocad mep 2019,
- autocad mep 2020,
- autocad p&id 2017,
- autocad plant 3d 2017,
- autocad plant 3d 2018,
- autocad plant 3d 2019,
- autocad plant 3d 2020,
- civil 3d 2017,
- civil 3d 2018,
- civil 3d 2019,
- civil 3d 2020
References
Additional Info
Technical Analysis
Report as Emergent Threat Response
Report as Zero-day Exploit
Report as Exploited in the Wild
CVE ID
AttackerKB requires a CVE ID in order to pull vulnerability data and references from the CVE list and the National Vulnerability Database. If available, please supply below:
