vulnerability

AutoDesk AutoCAD: CVE-2022-40674: expat/libcurl/SQLite/Zlib

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Jun 23, 2023	Jul 22, 2025	Jul 22, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Jun 23, 2023

Added

Jul 22, 2025

Modified

Jul 22, 2025

Description

Autodesk products leveraging internal components, Autodesk Material Management, and those implicitly importing vulnerable versions expat and libcurl may be impacted by Out-of-bound Write, User-After-Free, Information Disclosure, Improper Input Validation, Business Logic Errors, location of Resources Without Limits or Throttling, Denial of Service, SSRF, Insufficiently Protected Credentials, and Improper Authentication - Generic vulnerabilities.

Solution

autodesk-autocad-upgrade-latest

References

CVE-2022-40674
https://attackerkb.com/topics/CVE-2022-40674
URL-https://www.cve.org/CVERecord?id=CVE-2022-40674
URL-https://www.autodesk.com/trust/security-advisories/ADSK-SA-2023-0015
CWE-416

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today