Remote Code Execution Vulnerability in Autodesk Navisworks 2022

Remote Code Execution Vulnerability in Autodesk Navisworks 2022

CVE-2022-25796 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A Double Free vulnerability allows remote malicious actors to execute arbitrary code on DWF file in Autodesk Navisworks 2022 within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Learn more about our User Device Pen Test.