CVE-2024-8596
Vulnerability from cvelistv5
Published
2024-10-29 21:11
Modified
2025-04-25 20:20
Severity ?
EPSS score ?
0.04%
(0.1074)
Summary
A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-8596", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-30T13:51:44.864873Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-30T15:02:35.307Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { cpe: [ "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "AutoCAD", vendor: "Autodesk", versions: [ { lessThan: "2025.1.1", status: "affected", version: "2025", versionType: "custom", }, { lessThan: "2024.1.7", status: "affected", version: "2024", versionType: "custom", }, { lessThan: "2023.1.7", status: "affected", version: "2023", versionType: "custom", }, { lessThan: "2022.1.6", status: "affected", version: "2022", versionType: "custom", }, ], }, { cpe: [ "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "AutoCAD Architecture", vendor: "Autodesk", versions: [ { lessThan: "2025.1.1", status: "affected", version: "2025", versionType: "custom", }, { lessThan: "2024.1.7", status: "affected", version: "2024", versionType: "custom", }, { lessThan: "2023.1.7", status: "affected", version: "2023", versionType: "custom", }, { lessThan: "2022.1.6", status: "affected", version: "2022", versionType: "custom", }, ], }, { cpe: [ "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "AutoCAD Electrical", vendor: "Autodesk", versions: [ { lessThan: "2025.1.1", status: "affected", version: "2025", versionType: "custom", }, { lessThan: "2024.1.7", status: "affected", version: "2024", versionType: "custom", }, { lessThan: "2023.1.7", status: "affected", version: "2023", versionType: "custom", }, { lessThan: "2022.1.6", status: "affected", version: "2022", versionType: "custom", }, ], }, { cpe: [ "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "AutoCAD MAP 3D", vendor: "Autodesk", versions: [ { lessThan: "2025.1.1", status: "affected", version: "2025", versionType: "custom", }, { lessThan: "2024.1.7", status: "affected", version: "2024", versionType: "custom", }, { lessThan: "2023.1.7", status: "affected", version: "2023", versionType: "custom", }, { lessThan: "2022.1.6", status: "affected", version: "2022", versionType: "custom", }, ], }, { cpe: [ "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "AutoCAD Mechanical", vendor: "Autodesk", versions: [ { lessThan: "2025.1.1", status: "affected", version: "2025", versionType: "custom", }, { lessThan: "2024.1.7", status: "affected", version: "2024", versionType: "custom", }, { lessThan: "2023.1.7", status: "affected", version: "2023", versionType: "custom", }, { lessThan: "2022.1.6", status: "affected", version: "2022", versionType: "custom", }, ], }, { cpe: [ "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "AutoCAD MEP", vendor: "Autodesk", versions: [ { lessThan: "2025.1.1", status: "affected", version: "2025", versionType: "custom", }, { lessThan: "2024.1.7", status: "affected", version: "2024", versionType: "custom", }, { lessThan: "2023.1.7", status: "affected", version: "2023", versionType: "custom", }, { lessThan: "2022.1.6", status: "affected", version: "2022", versionType: "custom", }, ], }, { cpe: [ "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "AutoCAD Plant 3D", vendor: "Autodesk", versions: [ { lessThan: "2025.1.1", status: "affected", version: "2025", versionType: "custom", }, { lessThan: "2024.1.7", status: "affected", version: "2024", versionType: "custom", }, { lessThan: "2023.1.7", status: "affected", version: "2023", versionType: "custom", }, { lessThan: "2022.1.6", status: "affected", version: "2022", versionType: "custom", }, ], }, { cpe: [ "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "Civil 3D", vendor: "Autodesk", versions: [ { lessThan: "2025.1.1", status: "affected", version: "2025", versionType: "custom", }, { lessThan: "2024.1.7", status: "affected", version: "2024", versionType: "custom", }, { lessThan: "2023.1.7", status: "affected", version: "2023", versionType: "custom", }, { lessThan: "2022.1.6", status: "affected", version: "2022", versionType: "custom", }, ], }, { cpe: [ "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*", "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*", ], defaultStatus: "unaffected", product: "Advance Steel", vendor: "Autodesk", versions: [ { lessThan: "2025.1.1", status: "affected", version: "2025", versionType: "custom", }, { lessThan: "2024.1.7", status: "affected", version: "2024", versionType: "custom", }, { lessThan: "2023.1.7", status: "affected", version: "2023", versionType: "custom", }, { lessThan: "2022.1.6", status: "affected", version: "2022", versionType: "custom", }, ], }, ], descriptions: [ { lang: "en", supportingMedia: [ { base64: false, type: "text/html", value: "A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.", }, ], value: "A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.", }, ], impacts: [ { capecId: "CAPEC-100", descriptions: [ { lang: "en", value: "CAPEC-100 Overflow Buffers", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787 Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-04-25T20:20:00.913Z", orgId: "7e40ea87-bc65-4944-9723-dd79dd760601", shortName: "autodesk", }, references: [ { url: "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019", }, ], source: { discovery: "UNKNOWN", }, title: "Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Code Execution Vulnerability", x_generator: { engine: "Vulnogram 0.2.0", }, }, }, cveMetadata: { assignerOrgId: "7e40ea87-bc65-4944-9723-dd79dd760601", assignerShortName: "autodesk", cveId: "CVE-2024-8596", datePublished: "2024-10-29T21:11:36.053Z", dateReserved: "2024-09-09T04:55:18.208Z", dateUpdated: "2025-04-25T20:20:00.913Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2024-8596\",\"sourceIdentifier\":\"psirt@autodesk.com\",\"published\":\"2024-10-29T22:15:07.510\",\"lastModified\":\"2025-04-11T17:15:41.090\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\"},{\"lang\":\"es\",\"value\":\" Un archivo MODEL creado con fines malintencionados, cuando se analiza en libodxdll.dll a través de Autodesk AutoCAD, puede provocar una vulnerabilidad de escritura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo, escribir datos confidenciales o ejecutar código arbitrario en el contexto del proceso actual.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@autodesk.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@autodesk.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.1.1\",\"matchCriteriaId\":\"8108219C-2977-47DF-8818-F7360E0AEA31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.1.1\",\"matchCriteriaId\":\"583DCDB2-2170-4A06-B532-31886E2F1B12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.1.1\",\"matchCriteriaId\":\"A993F4D4-A2BA-42F7-B840-36BCCE6FF725\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.1.1\",\"matchCriteriaId\":\"F4C616A7-A68D-42C5-88EB-9A6FE2C53116\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.1.1\",\"matchCriteriaId\":\"F08AC00E-D022-401C-9A0F-55C5943591C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.1.1\",\"matchCriteriaId\":\"FA51DA68-070A-40F6-BF50-DBC31DCDD224\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.1.1\",\"matchCriteriaId\":\"9DF22F44-1D3F-4F18-9835-8E0AE817377C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.1.1\",\"matchCriteriaId\":\"C1E9CD44-2AD4-4145-9816-60D0BD468D37\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019\",\"source\":\"psirt@autodesk.com\"}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-8596\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-30T13:51:44.864873Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-30T14:02:32.419Z\"}}], \"cna\": {\"title\": \"Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Code Execution Vulnerability\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-100\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-100 Overflow Buffers\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpe\": [\"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"AutoCAD\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.1.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"AutoCAD Architecture\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.1.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"AutoCAD Electrical\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.1.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"AutoCAD MAP 3D\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.1.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"AutoCAD Mechanical\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.1.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"AutoCAD MEP\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.1.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"AutoCAD Plant 3D\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.1.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"Civil 3D\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.1.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"Advance Steel\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.1.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.6\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"7e40ea87-bc65-4944-9723-dd79dd760601\", \"shortName\": \"autodesk\", \"dateUpdated\": \"2025-04-25T20:20:00.913Z\"}}}", cveMetadata: "{\"cveId\": \"CVE-2024-8596\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-25T20:20:00.913Z\", \"dateReserved\": \"2024-09-09T04:55:18.208Z\", \"assignerOrgId\": \"7e40ea87-bc65-4944-9723-dd79dd760601\", \"datePublished\": \"2024-10-29T21:11:36.053Z\", \"assignerShortName\": \"autodesk\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.