Out-of-bounds Read in Autodesk Maya

CVE-2022-42946

Parsing a maliciously crafted X_B and PRT file can force Autodesk Maya 2023 and 2022 to read beyond allocated buffer. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current p…

Vulnerability class: Buffer Overflow

EPSS: 0.003 (17.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.1 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H.

Affected products

  • Autodesk Maya — versions 2023
  • N/a Autodesk Maya — versions 2023, 2022

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2022-42946?
CVE-2022-42946 is a high-severity vulnerability in Autodesk Maya, classified under Out-of-bounds Read. CVSS score: 7.1/10. Published 2022-12-19.
How severe is CVE-2022-42946?
High severity. CVSS v3 base score is 7.1 out of 10.