Out-of-bounds Read in Autodesk Maya
CVE-2022-42946
Parsing a maliciously crafted X_B and PRT file can force Autodesk Maya 2023 and 2022 to read beyond allocated buffer. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current p…
Vulnerability class: Buffer Overflow
EPSS: 0.003 (17.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.1 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H.
Affected products
- Autodesk Maya — versions 2023
- N/a Autodesk Maya — versions 2023, 2022
Weakness classification (CWE)
References
- psirt@autodesk.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2022-42946?
- CVE-2022-42946 is a high-severity vulnerability in Autodesk Maya, classified under Out-of-bounds Read. CVSS score: 7.1/10. Published 2022-12-19.
- How severe is CVE-2022-42946?
- High severity. CVSS v3 base score is 7.1 out of 10.