Unity January 2023 Security Update Details

Empowers creators to build games, apps, or immersive experiences, featuring high-quality graphics, end-to-end multiplayer capabilities, multi-platform support, and AI enhancements

Makes real-time 3D creation and consumption more accessible, collaborative, and connected

Enables monetizing and acquiring users as well as publishing games, featuring LevelPlay, ad networks, TapJoy Offerwall, on-device advertising, and Supersonic for scaling mobile games into successful businesses

Unity Publishing

Supersonic from Unity provides publishing technology empowering you to scale your game profitably.

Learn how Unity can solve your toughest problems, unlock new opportunities, and bring your ideas to life.

From video games to manufacturing, Unity offers tools, services, and support that fit your business.

Explore the definitive information source for all of Unity’s features, UI, and workflows.

Developer tools

Find the latest downloads, releases, and other resources here. Explore the tools we have to benefit your project – documentation, roadmaps, Knowledge Base, Issue Tracker, and more.

Discover what’s possible with Unity and how to get the most out of our tools. Read case studies and industry reports, get expert guidance in best practices, and watch demos and technical deep dives.

Learn about the Unity demos, sample games, and projects that showcase our advancements in high-end visuals, real-time rendering, and more.

Join the action by posting questions and finding answers. Along the way, you’ll see awesome projects, meet your peers, and maybe even find someone to help your project or team.

Around the world, the Unity community gathers to share what we’ve learned, what we’re working on, and how you can take your projects further using Unity. Find an event near you.

Jump into the Unity Discord community, where game development is at the heart of every conversation. Join fellow creators in fresh discussions, get support from devs, share projects, and discover endless inspiration for your Unity projects.

Advance your Unity skills with award-winning tutorials, hands-on projects, and in-depth courses. Access over 750 hours of on-demand learning content for creators at every skill level.

Getting started

New to Unity? Start your creative journey from software installation and setup to learning the basics needed to create your first Unity projects.

Professional Training

Increase your productivity and improve workflows with Unity Professional Training. Whether you are a gaming or industry professional, our live expert-led courses and premium On-Demand Training platform will teach your team how to best succeed with Unity.

Enable students with the tools and learning experiences that will maximize their success with Unity.

Elevate your project with Success Plans designed for teams, projects, and budgets of all sizes. Minimize technical and strategic obstacles through reliable technical support, strategic guidance, and in-depth engineering reviews.

Get answers to common questions. This FAQ page is your go-to for helpful information on a variety of topics.

Need assistance? Find resources, contact Unity Support and get answers to your questions. We are dedicated to helping you every step of the way.

Plans and pricing

January 2023 Security Update Advisory

Overview

The Unity Editor, when importing FBX or SketchUp associated file types, is affected by memory corruption vulnerabilities which could lead to remote code execution.

The updated version of the Unity Editor includes the latest version of the Autodesk FBX SDK and SketchUp SDK security patches.

Vulnerability Details

CVE ID: Multiple, see advisories for more details:

ADSK-SA-2022-0022[1]
ADSK-SA-2021-0001[2]

Type: Remote Code Execution

Discovered: 2022/10/03

Discovered By: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative

Patch Availability: 1/30/2023

Affected Operating System: All supported platforms

Affected Versions: All

Severity: High

Patch Versions:

2023.1.0a26

2022.2.3f1

2021.3.17f1

2020.3.44f1

Remediation Steps

If your version of the Unity Editor is not one of the listed versions, or higher, in the Patch Versions of the Vulnerability Details section, please update to the latest version available.You can view the current version and check for updates using “Check for Updates” feature in the Unity Editor as described in Manual: Check For Updates for your Unity Editor version.

Frequently asked questions

What type of vulnerability was addressed in this update?

+

What platforms are affected?

+

What versions of the Editor are being patched?

+

References

[1] https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0022

[2] https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0001