vulnerability

AutoDesk AutoCAD: CVE-2022-33885: Security Advisory for Autodesk AutoCAD, Advance Steel, Civil 3D, and Maya - ADSK-SA-2022-0020

Try Surface Command

Back to search

Severity

CVSS

(AV:L/AC:M/Au:N/C:C/I:C/A:C)

Published

Sep 22, 2022

Added

Jul 22, 2025

Modified

May 29, 2026

Description

CVE-2022-33885 - A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023, 2022, 2021, and 2020 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution.

Solution

autodesk-autocad-upgrade-latest

References

CVE-2022-33885
https://attackerkb.com/topics/CVE-2022-33885
https://www.cve.org/CVERecord?id=CVE-2022-33885
https://www.autodesk.com/trust/security-advisories/ADSK-SA-2022-0020
https://euvd.enisa.europa.eu/vulnerability/EUVD-2022-36923
CWE-787
EUVD-EUVD-2022-36923

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report