Vulnerabilites related to Autodesk - AutoCAD, Advance Steel and Civil 3D
CVE-2023-41139 (GCVE-0-2023-41139)
Vulnerability from cvelistv5
Published
2023-11-23 03:53
Modified
2024-08-02 18:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-822 - Untrusted Pointer Dereference
Summary
A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Autodesk | AutoCAD, Advance Steel and Civil 3D |
Version: 2024, 2023 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:54:03.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "AutoCAD, Advance Steel and Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2024, 2023"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-822",
"description": "CWE-822: Untrusted Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-23T03:53:09.761Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-41139",
"datePublished": "2023-11-23T03:53:09.761Z",
"dateReserved": "2023-08-23T17:55:48.799Z",
"dateUpdated": "2024-08-02T18:54:03.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23154 (GCVE-0-2024-23154)
Vulnerability from cvelistv5
Published
2024-06-25 03:27
Modified
2025-08-26 20:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.5 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2013:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThanOrEqual": "2024",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23154",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T14:39:05.594512Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:46:48.955Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.739Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:48:53.257Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23154",
"datePublished": "2024-06-25T03:27:56.293Z",
"dateReserved": "2024-01-11T21:51:21.128Z",
"dateUpdated": "2025-08-26T20:46:48.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23150 (GCVE-0-2024-23150)
Vulnerability from cvelistv5
Published
2024-06-25 03:17
Modified
2025-08-26 20:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A maliciously crafted PRT file, when parsed in odxug_dll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.5 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "advance_steel",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "civil_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_architecture",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_electrical",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_map_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_mechanical",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_mep",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_plant_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23150",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T20:31:33.417050Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:45:11.108Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted PRT file, when parsed in odxug_dll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted PRT file, when parsed in odxug_dll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:42:10.320Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23150",
"datePublished": "2024-06-25T03:17:21.321Z",
"dateReserved": "2024-01-11T21:51:21.127Z",
"dateUpdated": "2025-08-26T20:45:11.108Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23137 (GCVE-0-2024-23137)
Vulnerability from cvelistv5
Published
2024-02-22 04:49
Modified
2025-08-28 14:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-457 - Use of Uninitialized Variable
Summary
A maliciously crafted STP or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23137",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T14:01:49.435037Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T16:24:17.429Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:30.731Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted STP or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted STP or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-457",
"description": "CWE-457: Use of Uninitialized Variable",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T14:27:03.473Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23137",
"datePublished": "2024-02-22T04:49:50.154Z",
"dateReserved": "2024-01-11T21:47:40.857Z",
"dateUpdated": "2025-08-28T14:27:03.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23123 (GCVE-0-2024-23123)
Vulnerability from cvelistv5
Published
2024-02-22 01:38
Modified
2025-08-28 14:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A maliciously crafted CATPART file, when parsed in CC5Dll.dll and ASMBASE228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23123",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T14:40:30.040434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:17:15.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:30.726Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted CATPART file, when parsed in CC5Dll.dll and ASMBASE228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted CATPART file, when parsed in CC5Dll.dll and ASMBASE228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T14:33:10.699Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23123",
"datePublished": "2024-02-22T01:38:25.066Z",
"dateReserved": "2024-01-11T21:46:45.746Z",
"dateUpdated": "2025-08-28T14:33:10.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23127 (GCVE-0-2024-23127)
Vulnerability from cvelistv5
Published
2024-02-22 02:59
Modified
2025-08-28 14:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A maliciously crafted MODEL, SLDPRT, or SLDASM file, when parsed in ODXSW_DLL.dll and libodxdll.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23127",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T14:40:30.040434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:18:39.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted MODEL, SLDPRT, or SLDASM file, when parsed in ODXSW_DLL.dll and libodxdll.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted MODEL, SLDPRT, or SLDASM file, when parsed in ODXSW_DLL.dll and libodxdll.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T14:32:45.130Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23127",
"datePublished": "2024-02-22T02:59:48.198Z",
"dateReserved": "2024-01-11T21:46:45.746Z",
"dateUpdated": "2025-08-28T14:32:45.130Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23133 (GCVE-0-2024-23133)
Vulnerability from cvelistv5
Published
2024-02-22 04:11
Modified
2025-08-26 20:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Memory Corruption - Generic
Summary
A maliciously crafted STP file in ASMDATAX228A.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23133",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T14:40:30.040434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:28:41.833Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted STP file in ASMDATAX228A.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted STP file in ASMDATAX228A.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:21:29.354Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23133",
"datePublished": "2024-02-22T04:11:47.319Z",
"dateReserved": "2024-01-11T21:47:40.856Z",
"dateUpdated": "2025-08-26T20:28:41.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23148 (GCVE-0-2024-23148)
Vulnerability from cvelistv5
Published
2024-06-25 02:42
Modified
2025-08-26 20:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Memory Corruption - Generic
Summary
A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.4 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "advance_steel",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "civil_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23148",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T13:28:48.562977Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:44:27.261Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:32.154Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:38:50.441Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23148",
"datePublished": "2024-06-25T02:42:11.300Z",
"dateReserved": "2024-01-11T21:51:21.127Z",
"dateUpdated": "2025-08-26T20:44:27.261Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23129 (GCVE-0-2024-23129)
Vulnerability from cvelistv5
Published
2024-02-22 03:24
Modified
2025-08-28 14:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Memory Corruption - Generic
Summary
A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23129",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T14:40:30.040434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:19:16.085Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:30.761Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T14:31:38.054Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23129",
"datePublished": "2024-02-22T03:24:17.047Z",
"dateReserved": "2024-01-11T21:46:45.746Z",
"dateUpdated": "2025-08-28T14:31:38.054Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23158 (GCVE-0-2024-23158)
Vulnerability from cvelistv5
Published
2024-06-25 03:31
Modified
2025-08-26 20:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.5 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "civil_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23158",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T14:31:23.903824Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:47:56.833Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:52:41.077Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23158",
"datePublished": "2024-06-25T03:31:47.315Z",
"dateReserved": "2024-01-11T21:51:41.602Z",
"dateUpdated": "2025-08-26T20:47:56.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29076 (GCVE-0-2023-29076)
Vulnerability from cvelistv5
Published
2023-11-23 03:45
Modified
2024-12-02 20:32
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Autodesk | AutoCAD, Advance Steel and Civil 3D |
Version: 2024, 2023 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29076",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T20:32:49.055057Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T20:32:57.620Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "AutoCAD, Advance Steel and Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2024, 2023"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.\n"
}
],
"providerMetadata": {
"dateUpdated": "2023-11-23T03:45:53.401Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-29076",
"datePublished": "2023-11-23T03:45:53.401Z",
"dateReserved": "2023-03-30T21:27:50.092Z",
"dateUpdated": "2024-12-02T20:32:57.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23152 (GCVE-0-2024-23152)
Vulnerability from cvelistv5
Published
2024-06-25 03:25
Modified
2025-08-26 20:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.5 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23152",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-04T16:51:34.502886Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:45:55.185Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.703Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:43:32.840Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23152",
"datePublished": "2024-06-25T03:25:46.136Z",
"dateReserved": "2024-01-11T21:51:21.127Z",
"dateUpdated": "2025-08-26T20:45:55.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23124 (GCVE-0-2024-23124)
Vulnerability from cvelistv5
Published
2024-02-22 02:14
Modified
2025-08-26 20:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A maliciously crafted STP file, when parsed in ASMIMPORT228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23124",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T14:40:30.040434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:17:33.199Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:30.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted STP file, when parsed in ASMIMPORT228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted STP file, when parsed in ASMIMPORT228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:22:08.824Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23124",
"datePublished": "2024-02-22T02:14:25.627Z",
"dateReserved": "2024-01-11T21:46:45.746Z",
"dateUpdated": "2025-08-26T20:17:33.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37004 (GCVE-0-2024-37004)
Vulnerability from cvelistv5
Published
2024-06-25 03:13
Modified
2025-08-27 21:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
A maliciously crafted SLDPRT file, when parsed in ASMKERN229A.dll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.4 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37004",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T13:24:45.484817Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T21:14:02.838Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted SLDPRT file, when parsed in ASMKERN229A.dll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted SLDPRT file, when parsed in ASMKERN229A.dll through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:59:18.269Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-37004",
"datePublished": "2024-06-25T03:13:05.174Z",
"dateReserved": "2024-05-30T20:11:46.549Z",
"dateUpdated": "2025-08-27T21:14:02.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37006 (GCVE-0-2024-37006)
Vulnerability from cvelistv5
Published
2024-06-25 03:15
Modified
2025-08-27 21:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Memory Corruption - Generic
Summary
A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.4 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37006",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T13:16:33.319239Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T21:13:36.557Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.517Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T18:06:03.490Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-37006",
"datePublished": "2024-06-25T03:15:46.957Z",
"dateReserved": "2024-05-30T20:11:46.549Z",
"dateUpdated": "2025-08-27T21:13:36.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23157 (GCVE-0-2024-23157)
Vulnerability from cvelistv5
Published
2024-06-25 03:30
Modified
2025-08-26 20:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Memory Corruption - Generic
Summary
A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.5 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "advance_steel",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "civil_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_architecture",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_electrical",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_map_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_mechanical",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_mep",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_plant_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23157",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T20:33:31.339206Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:47:40.502Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:51:48.725Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23157",
"datePublished": "2024-06-25T03:30:58.799Z",
"dateReserved": "2024-01-11T21:51:41.601Z",
"dateUpdated": "2025-08-26T20:47:40.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23125 (GCVE-0-2024-23125)
Vulnerability from cvelistv5
Published
2024-02-22 02:23
Modified
2025-08-26 20:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A maliciously crafted SLDPRT file when parsed ODXSW_DLL.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23125",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T14:40:30.040434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:17:56.804Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:30.719Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted SLDPRT file when parsed ODXSW_DLL.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted SLDPRT file when parsed ODXSW_DLL.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:22:38.673Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23125",
"datePublished": "2024-02-22T02:23:09.032Z",
"dateReserved": "2024-01-11T21:46:45.746Z",
"dateUpdated": "2025-08-26T20:17:56.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23128 (GCVE-0-2024-23128)
Vulnerability from cvelistv5
Published
2024-02-22 03:18
Modified
2025-08-28 14:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Memory Corruption - Generic
Summary
A maliciously crafted MODEL file, when parsed in libodxdll.dll and ASMDATAX229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23128",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T14:27:14.348745Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:18:54.654Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:30.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted MODEL file, when parsed in libodxdll.dll and ASMDATAX229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted MODEL file, when parsed in libodxdll.dll and ASMDATAX229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T14:32:02.594Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23128",
"datePublished": "2024-02-22T03:18:00.232Z",
"dateReserved": "2024-01-11T21:46:45.746Z",
"dateUpdated": "2025-08-28T14:32:02.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36999 (GCVE-0-2024-36999)
Vulnerability from cvelistv5
Published
2024-06-25 03:33
Modified
2025-08-27 21:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.5 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36999",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T19:11:39.790482Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T21:15:16.816Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.596Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T18:04:37.893Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-36999",
"datePublished": "2024-06-25T03:33:58.183Z",
"dateReserved": "2024-05-30T20:11:46.548Z",
"dateUpdated": "2025-08-27T21:15:16.816Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23132 (GCVE-0-2024-23132)
Vulnerability from cvelistv5
Published
2024-02-22 04:10
Modified
2025-08-26 17:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Memory Corruption - Generic
Summary
A maliciously crafted STP file in atf_dwg_consumer.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-23132",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T14:40:30.040434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-26T16:24:43.526Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:30.681Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted STP file in atf_dwg_consumer.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted STP file in atf_dwg_consumer.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:20:58.850Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23132",
"datePublished": "2024-02-22T04:10:53.175Z",
"dateReserved": "2024-01-11T21:47:40.856Z",
"dateUpdated": "2025-08-26T17:20:58.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29073 (GCVE-0-2023-29073)
Vulnerability from cvelistv5
Published
2023-11-23 03:07
Modified
2024-08-02 14:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Autodesk | AutoCAD, Advance Steel and Civil 3D |
Version: 2024, 2023 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "AutoCAD, Advance Steel and Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2024, 2023"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-23T03:07:13.478Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-29073",
"datePublished": "2023-11-23T03:07:13.478Z",
"dateReserved": "2023-03-30T21:27:50.091Z",
"dateUpdated": "2024-08-02T14:00:15.309Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29074 (GCVE-0-2023-29074)
Vulnerability from cvelistv5
Published
2023-11-23 03:36
Modified
2024-08-02 14:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A maliciously crafted CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Autodesk | AutoCAD, Advance Steel and Civil 3D |
Version: 2024, 2023 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "AutoCAD, Advance Steel and Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2024, 2023"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787: Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-23T03:36:41.944Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-29074",
"datePublished": "2023-11-23T03:36:41.944Z",
"dateReserved": "2023-03-30T21:27:50.092Z",
"dateUpdated": "2024-08-02T14:00:15.859Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23122 (GCVE-0-2024-23122)
Vulnerability from cvelistv5
Published
2024-02-22 01:36
Modified
2025-08-28 14:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23122",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T14:39:23.052424Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:16:49.025Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:30.749Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T14:33:40.063Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23122",
"datePublished": "2024-02-22T01:36:34.080Z",
"dateReserved": "2024-01-11T21:46:45.745Z",
"dateUpdated": "2025-08-28T14:33:40.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23145 (GCVE-0-2024-23145)
Vulnerability from cvelistv5
Published
2024-06-25 02:27
Modified
2025-08-26 20:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A maliciously crafted PRT file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash,read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.4 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "advance_steel",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "civil_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23145",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T13:30:24.476007Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:43:36.037Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted PRT file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash,read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted PRT file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash,read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:37:11.829Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23145",
"datePublished": "2024-06-25T02:27:23.995Z",
"dateReserved": "2024-01-11T21:51:21.127Z",
"dateUpdated": "2025-08-26T20:43:36.037Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23149 (GCVE-0-2024-23149)
Vulnerability from cvelistv5
Published
2024-06-25 02:43
Modified
2025-08-26 20:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A maliciously crafted SLDDRW file, when parsed in ODXSW_DLL.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.4 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23149",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T13:18:08.558926Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:44:46.764Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.673Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e A maliciously crafted SLDDRW file, when parsed in ODXSW_DLL.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted SLDDRW file, when parsed in ODXSW_DLL.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:40:38.458Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23149",
"datePublished": "2024-06-25T02:43:08.569Z",
"dateReserved": "2024-01-11T21:51:21.127Z",
"dateUpdated": "2025-08-26T20:44:46.764Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37000 (GCVE-0-2024-37000)
Vulnerability from cvelistv5
Published
2024-06-25 03:01
Modified
2025-08-27 21:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Memory Corruption - Generic
Summary
A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.4 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37000",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T13:23:33.352025Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T21:14:52.645Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:55:59.625Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-37000",
"datePublished": "2024-06-25T03:01:53.604Z",
"dateReserved": "2024-05-30T20:11:46.549Z",
"dateUpdated": "2025-08-27T21:14:52.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23151 (GCVE-0-2024-23151)
Vulnerability from cvelistv5
Published
2024-06-25 03:24
Modified
2025-08-26 20:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A maliciously crafted 3DM file, when parsed in ASMkern229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.5 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23151",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T19:49:38.703918Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:45:30.610Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.713Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted 3DM file, when parsed in ASMkern229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted 3DM file, when parsed in ASMkern229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:42:36.101Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23151",
"datePublished": "2024-06-25T03:24:54.043Z",
"dateReserved": "2024-01-11T21:51:21.127Z",
"dateUpdated": "2025-08-26T20:45:30.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23153 (GCVE-0-2024-23153)
Vulnerability from cvelistv5
Published
2024-06-25 03:26
Modified
2025-08-26 20:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A maliciously crafted MODEL file, when parsed in libodx.dll through Autodesk applications, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.5 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "advance_steel",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "civil_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_architecture",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_electrical",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_map_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_mechanical",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_mep",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_plant_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23153",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T20:33:01.431935Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:46:14.928Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted MODEL file, when parsed in libodx.dll through Autodesk applications, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted MODEL file, when parsed in libodx.dll through Autodesk applications, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:48:01.118Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23153",
"datePublished": "2024-06-25T03:26:37.392Z",
"dateReserved": "2024-01-11T21:51:21.128Z",
"dateUpdated": "2025-08-26T20:46:14.928Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23156 (GCVE-0-2024-23156)
Vulnerability from cvelistv5
Published
2024-06-25 03:30
Modified
2025-08-26 20:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Memory Corruption - Generic
Summary
A maliciously crafted 3DM file, when parsed in opennurbs.dll and ASMkern229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.5 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:-:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:-:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:-:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:-:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:-:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:-:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:-:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:-:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_plant_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23156",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T19:14:44.418256Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:47:22.496Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:32.153Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted 3DM file, when parsed in opennurbs.dll and ASMkern229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted 3DM file, when parsed in opennurbs.dll and ASMkern229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:51:13.648Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23156",
"datePublished": "2024-06-25T03:30:03.304Z",
"dateReserved": "2024-01-11T21:51:41.601Z",
"dateUpdated": "2025-08-26T20:47:22.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23135 (GCVE-0-2024-23135)
Vulnerability from cvelistv5
Published
2024-02-22 04:34
Modified
2025-08-26 20:38
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
A maliciously crafted SLDPRT file in ASMkern228A.dll when parsed through Autodesk applications can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23135",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T14:40:30.040434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:38:56.298Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:30.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted SLDPRT file in ASMkern228A.dll when parsed through Autodesk applications can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted SLDPRT file in ASMkern228A.dll when parsed through Autodesk applications can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:24:45.409Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23135",
"datePublished": "2024-02-22T04:34:27.533Z",
"dateReserved": "2024-01-11T21:47:40.857Z",
"dateUpdated": "2025-08-26T20:38:56.298Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23146 (GCVE-0-2024-23146)
Vulnerability from cvelistv5
Published
2024-06-25 02:28
Modified
2025-08-26 20:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.4 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "advance_steel",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "civil_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23146",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T13:30:00.518542Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:43:52.541Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:37:49.350Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23146",
"datePublished": "2024-06-25T02:28:20.607Z",
"dateReserved": "2024-01-11T21:51:21.127Z",
"dateUpdated": "2025-08-26T20:43:52.541Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29075 (GCVE-0-2023-29075)
Vulnerability from cvelistv5
Published
2023-11-23 03:39
Modified
2024-10-15 17:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Autodesk | AutoCAD, Advance Steel and Civil 3D |
Version: 2024, 2023 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:15.331Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-29075",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:36:14.228108Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:46:11.626Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "AutoCAD, Advance Steel and Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2024, 2023"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-23T03:39:44.267Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-29075",
"datePublished": "2023-11-23T03:39:44.267Z",
"dateReserved": "2023-03-30T21:27:50.092Z",
"dateUpdated": "2024-10-15T17:46:11.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37003 (GCVE-0-2024-37003)
Vulnerability from cvelistv5
Published
2024-06-25 03:12
Modified
2025-08-27 21:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A maliciously crafted DWG and SLDPRT file, when parsed in opennurbs.dll and ODXSW_DLL.dll through Autodesk applications, can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.4 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T13:25:12.539478Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T21:14:17.508Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted DWG and SLDPRT file, when parsed in opennurbs.dll and ODXSW_DLL.dll through Autodesk applications, can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted DWG and SLDPRT file, when parsed in opennurbs.dll and ODXSW_DLL.dll through Autodesk applications, can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:58:19.577Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-37003",
"datePublished": "2024-06-25T03:12:13.660Z",
"dateReserved": "2024-05-30T20:11:46.549Z",
"dateUpdated": "2025-08-27T21:14:17.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23131 (GCVE-0-2024-23131)
Vulnerability from cvelistv5
Published
2024-02-22 04:05
Modified
2025-08-28 14:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Memory Corruption - Generic
Summary
A maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll or ASMDATAX228A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23131",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T14:40:30.040434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:22:56.189Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.784Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll or ASMDATAX228A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll or ASMDATAX228A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T14:28:54.749Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23131",
"datePublished": "2024-02-22T04:05:15.064Z",
"dateReserved": "2024-01-11T21:47:40.856Z",
"dateUpdated": "2025-08-28T14:28:54.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23144 (GCVE-0-2024-23144)
Vulnerability from cvelistv5
Published
2024-06-25 02:10
Modified
2025-08-26 20:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A maliciously crafted CATPART file, when parsed in CC5Dll.dll and ASMBASE228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.4 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "advance_steel",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "civil_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23144",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T13:31:17.885600Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:42:50.547Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.414Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted CATPART file, when parsed in CC5Dll.dll and ASMBASE228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted CATPART file, when parsed in CC5Dll.dll and ASMBASE228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:36:40.396Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23144",
"datePublished": "2024-06-25T02:10:02.389Z",
"dateReserved": "2024-01-11T21:51:08.013Z",
"dateUpdated": "2025-08-26T20:42:50.547Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23147 (GCVE-0-2024-23147)
Vulnerability from cvelistv5
Published
2024-06-25 02:32
Modified
2025-08-26 20:44
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Memory Corruption - Generic
Summary
A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.4 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "advance_steel",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "civil_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23147",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T13:29:29.658321Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:44:09.091Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.741Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:38:15.429Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23147",
"datePublished": "2024-06-25T02:32:13.779Z",
"dateReserved": "2024-01-11T21:51:21.127Z",
"dateUpdated": "2025-08-26T20:44:09.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37001 (GCVE-0-2024-37001)
Vulnerability from cvelistv5
Published
2024-06-25 03:03
Modified
2025-08-27 21:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.4 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37001",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T13:27:08.824776Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T21:14:38.763Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:57:05.066Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-37001",
"datePublished": "2024-06-25T03:03:33.153Z",
"dateReserved": "2024-05-30T20:11:46.549Z",
"dateUpdated": "2025-08-27T21:14:38.763Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37002 (GCVE-0-2024-37002)
Vulnerability from cvelistv5
Published
2024-06-25 03:07
Modified
2025-08-27 21:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-457 - Use of Uninitialized Variable
Summary
A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.4 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37002",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T13:12:54.230669Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T21:14:27.526Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.523Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-457",
"description": "CWE-457: Use of Uninitialized Variable",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:57:35.571Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-37002",
"datePublished": "2024-06-25T03:07:28.673Z",
"dateReserved": "2024-05-30T20:11:46.549Z",
"dateUpdated": "2025-08-27T21:14:27.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23155 (GCVE-0-2024-23155)
Vulnerability from cvelistv5
Published
2024-06-25 03:28
Modified
2025-08-26 20:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk applications, can be used to cause a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.5 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23155",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T15:16:32.010596Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:47:05.885Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.298Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk applications, can be used to cause a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk applications, can be used to cause a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:50:35.422Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23155",
"datePublished": "2024-06-25T03:28:44.767Z",
"dateReserved": "2024-01-11T21:51:41.601Z",
"dateUpdated": "2025-08-26T20:47:05.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37007 (GCVE-0-2024-37007)
Vulnerability from cvelistv5
Published
2024-06-25 03:35
Modified
2025-08-27 21:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
A maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.5 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37007",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-26T18:59:23.695414Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T21:13:22.152Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T18:06:31.489Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-37007",
"datePublished": "2024-06-25T03:35:23.524Z",
"dateReserved": "2024-05-30T20:11:46.549Z",
"dateUpdated": "2025-08-27T21:13:22.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-41140 (GCVE-0-2023-41140)
Vulnerability from cvelistv5
Published
2023-11-23 03:56
Modified
2024-08-02 18:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Autodesk | AutoCAD, Advance Steel and Civil 3D |
Version: 2024, 2023 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:54:04.017Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "AutoCAD, Advance Steel and Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"status": "affected",
"version": "2024, 2023"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\n"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-23T03:56:11.372Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-41140",
"datePublished": "2023-11-23T03:56:11.372Z",
"dateReserved": "2023-08-23T17:55:48.800Z",
"dateUpdated": "2024-08-02T18:54:04.017Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23126 (GCVE-0-2024-23126)
Vulnerability from cvelistv5
Published
2024-02-22 02:25
Modified
2025-08-26 20:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack-based Buffer Overflow
Summary
A maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23126",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T14:40:30.040434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:18:15.532Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:30.572Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121: Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:23:21.678Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23126",
"datePublished": "2024-02-22T02:25:01.889Z",
"dateReserved": "2024-01-11T21:46:45.746Z",
"dateUpdated": "2025-08-26T20:18:15.532Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37005 (GCVE-0-2024-37005)
Vulnerability from cvelistv5
Published
2024-06-25 03:13
Modified
2025-08-27 21:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash,read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.4 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37005",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-25T13:24:16.255743Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-27T21:13:49.343Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:43:50.683Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.4",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash,read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash,read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T17:11:33.127Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-37005",
"datePublished": "2024-06-25T03:13:51.990Z",
"dateReserved": "2024-05-30T20:11:46.549Z",
"dateUpdated": "2025-08-27T21:13:49.343Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23159 (GCVE-0-2024-23159)
Vulnerability from cvelistv5
Published
2024-06-25 03:33
Modified
2025-08-26 20:48
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-457 - Use of Uninitialized Variable
Summary
A maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.1 Version: 2024 < 2024.1.5 Version: 2023 < 2023.1.6 Version: 2022 < 2022.1.5 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "advance_steel",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "civil_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_architecture",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_electrical",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_map_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_mechanical",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_mep",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_plant_3d",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2024"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23159",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T20:33:57.567211Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:48:14.038Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:31.524Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.5",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.6",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.5",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-457",
"description": "CWE-457: Use of Uninitialized Variable",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:53:08.997Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23159",
"datePublished": "2024-06-25T03:33:00.849Z",
"dateReserved": "2024-01-11T21:51:41.602Z",
"dateUpdated": "2025-08-26T20:48:14.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23130 (GCVE-0-2024-23130)
Vulnerability from cvelistv5
Published
2024-02-22 03:33
Modified
2025-08-28 14:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Memory Corruption - Generic
Summary
A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23130",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T14:40:30.040434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:19:43.829Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:30.563Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Memory Corruption - Generic",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-28T14:29:38.666Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23130",
"datePublished": "2024-02-22T03:33:55.872Z",
"dateReserved": "2024-01-11T21:47:40.855Z",
"dateUpdated": "2025-08-28T14:29:38.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23136 (GCVE-0-2024-23136)
Vulnerability from cvelistv5
Published
2024-02-22 04:48
Modified
2025-08-26 20:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-822 - Untrusted Pointer Dereference
Summary
A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | Autodesk | AutoCAD |
Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4 cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:* |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_advance_steel",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad_civil_3d",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "autocad",
"vendor": "autodesk",
"versions": [
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23136",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-22T14:40:30.040434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T20:39:14.680Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:59:30.674Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.0.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.3",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.5",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.4",
"status": "affected",
"version": "2022",
"versionType": "custom"
},
{
"lessThan": "2021.1.4",
"status": "affected",
"version": "2021",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-129",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-129 Pointer Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-822",
"description": "CWE-822: Untrusted Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T17:25:42.038Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
},
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-23136",
"datePublished": "2024-02-22T04:48:25.677Z",
"dateReserved": "2024-01-11T21:47:40.857Z",
"dateUpdated": "2025-08-26T20:39:14.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}