Vulnerabilites related to autodesk - vred
Vulnerability from fkie_nvd
Published
2023-06-27 19:15
Modified
2024-11-21 07:56
Severity ?
Summary
A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
"versionEndExcluding": "2022.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
"versionEndExcluding": "2023.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
"versionEndExcluding": "2021.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
"versionEndExcluding": "2023.3.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
"versionEndExcluding": "2022.5",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
"versionEndExcluding": "2023.3",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
"versionEndExcluding": "2023.2",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
"versionEndExcluding": "2021.1.8",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
"versionEndExcluding": "2023.4",
"versionStartIncluding": "2023",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
}
],
"id": "CVE-2023-29068",
"lastModified": "2024-11-21T07:56:29.737",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-27T19:15:09.457",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-27 23:15
Modified
2024-11-21 07:48
Severity ?
Summary
A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:3ds_max:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "887292AA-AC0F-4931-B55B-5FAAA127E3D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:3ds_max:2023:*:*:*:*:*:*:*",
"matchCriteriaId": "6731E5DD-43A2-4A62-8191-FE82096C68F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "8694D891-A923-4B62-A508-77E6EBC54646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:2023:*:*:*:*:*:*:*",
"matchCriteriaId": "8BC216B0-0CBC-4652-BCBB-E5A1EBE24F72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
"matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:2023:*:*:*:*:*:*:*",
"matchCriteriaId": "2F75A973-839F-4BD0-8603-07AEF3F12476",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:vred:2023:*:*:*:*:*:*:*",
"matchCriteriaId": "408CDE75-A916-4C12-9FA2-FBFAB65CB0FF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution."
}
],
"id": "CVE-2023-25002",
"lastModified": "2024-11-21T07:48:54.660",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-27T23:15:09.590",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0002"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-23 19:15
Modified
2024-11-21 07:48
Severity ?
Summary
A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
"versionEndExcluding": "2022.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
"versionEndExcluding": "2023.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
"versionEndExcluding": "2021.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
"versionEndExcluding": "2023.3.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
"versionEndExcluding": "2022.5",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
"versionEndExcluding": "2023.3",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
"versionEndExcluding": "2023.2",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
"versionEndExcluding": "2021.1.8",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
"versionEndExcluding": "2023.4",
"versionStartIncluding": "2023",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
}
],
"id": "CVE-2023-25003",
"lastModified": "2024-11-21T07:48:54.767",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-23T19:15:08.983",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-05 20:15
Modified
2025-08-18 21:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the VRED Design application. Exploitation of this vulnerability may lead to code execution.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:design:*:*:*",
"matchCriteriaId": "C4F6AD8D-D83C-4A2C-A01F-D17C1D23AAAA",
"versionEndExcluding": "2025.2",
"versionStartIncluding": "2025",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the VRED Design application. Exploitation of this vulnerability may lead to code execution."
},
{
"lang": "es",
"value": " Al descargar un archivo binario creado con fines malintencionados, se podr\u00eda producir una escalada de privilegios a NT AUTHORITY/SYSTEM debido a que se utiliza una ruta de b\u00fasqueda no confiable en la aplicaci\u00f3n VRED Design. La explotaci\u00f3n de esta vulnerabilidad puede provocar la ejecuci\u00f3n de c\u00f3digo."
}
],
"id": "CVE-2024-7995",
"lastModified": "2025-08-18T21:15:29.723",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@autodesk.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2024-11-05T20:15:15.423",
"references": [
{
"source": "psirt@autodesk.com",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0022"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "psirt@autodesk.com",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-06-27 19:15
Modified
2024-11-21 07:48
Severity ?
Summary
A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
"versionEndExcluding": "2020.1.6",
"versionStartIncluding": "2020",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
"versionEndExcluding": "2021.1.3",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
"versionEndExcluding": "2022.1.3",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
"versionEndExcluding": "2023.1.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
"versionEndExcluding": "2021.2",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
"versionEndExcluding": "2022.1",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
"versionEndExcluding": "2023.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
"versionEndExcluding": "2021.5",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
"versionEndExcluding": "2023.3.1",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
"versionEndExcluding": "2022.5",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
"matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
"versionEndExcluding": "2023.3",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
"versionEndExcluding": "2022.4",
"versionStartIncluding": "2022",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
"versionEndExcluding": "2023.2",
"versionStartIncluding": "2023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
"versionEndExcluding": "2021.1.8",
"versionStartIncluding": "2021",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
"versionEndExcluding": "2023.4",
"versionStartIncluding": "2023",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
}
],
"id": "CVE-2023-25004",
"lastModified": "2024-11-21T07:48:54.893",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-27T19:15:09.383",
"references": [
{
"source": "psirt@autodesk.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"sourceIdentifier": "psirt@autodesk.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-07-07 11:01
Modified
2025-04-12 10:46
Severity ?
Summary
Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code via Python os library calls in Python API commands to the integrated web server.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cret@cert.org | http://www.kb.cert.org/vuls/id/402020 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/402020 | US Government Resource |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:vred:2014:*:*:*:professional:*:*:*",
"matchCriteriaId": "61C97210-65AC-4D79-BA9C-891FA5560203",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code via Python os library calls in Python API commands to the integrated web server."
},
{
"lang": "es",
"value": "Autodesk VRED Professional 2014 anterior a SR1 SP8 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de llamadas de librar\u00eda Python os en comandos Python API en el servidor web integrado."
}
],
"id": "CVE-2014-2967",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-07-07T11:01:29.947",
"references": [
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/402020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/402020"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2014-2967 (GCVE-0-2014-2967)
Vulnerability from cvelistv5
Published
2014-07-07 10:00
Modified
2024-08-06 10:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code via Python os library calls in Python API commands to the integrated web server.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/402020 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.348Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#402020",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/402020"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code via Python os library calls in Python API commands to the integrated web server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-07-07T05:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#402020",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/402020"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-2967",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code via Python os library calls in Python API commands to the integrated web server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#402020",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/402020"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-2967",
"datePublished": "2014-07-07T10:00:00",
"dateReserved": "2014-04-21T00:00:00",
"dateUpdated": "2024-08-06T10:28:46.348Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25002 (GCVE-0-2023-25002)
Vulnerability from cvelistv5
Published
2023-06-27 00:00
Modified
2024-12-05 14:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Use-after-free vulnerability
Summary
A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0002"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25002",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T14:38:10.506379Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T14:39:41.206Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Multiple",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2022, 2021"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use-after-free vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0002"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-25002",
"datePublished": "2023-06-27T00:00:00",
"dateReserved": "2023-02-01T00:00:00",
"dateUpdated": "2024-12-05T14:39:41.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7995 (GCVE-0-2024-7995)
Vulnerability from cvelistv5
Published
2024-11-05 20:06
Modified
2025-08-26 18:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-426 - Untrusted Search Path
Summary
A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the VRED Design application. Exploitation of this vulnerability may lead to code execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Autodesk | VRED Design |
Version: 2025 < 2025.2 cpe:2.3:a:autodesk:vred_design:2025:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:vred:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "vred",
"vendor": "autodesk",
"versions": [
{
"status": "affected",
"version": "2025"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7995",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-05T21:44:35.565911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-05T21:45:40.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:vred_design:2025:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "VRED Design",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.2",
"status": "affected",
"version": "2025",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the VRED Design application. Exploitation of this vulnerability may lead to code execution.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the VRED Design application. Exploitation of this vulnerability may lead to code execution."
}
],
"impacts": [
{
"capecId": "CAPEC-38",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-38 Leveraging/Manipulating Configuration File Search Paths"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "CWE-426 Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T18:27:06.333Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0022"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Autodesk VRED Design Privilege Escalation Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-7995",
"datePublished": "2024-11-05T20:06:43.521Z",
"dateReserved": "2024-08-19T21:37:11.389Z",
"dateUpdated": "2025-08-26T18:27:06.333Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-29068 (GCVE-0-2023-29068)
Vulnerability from cvelistv5
Published
2023-06-27 00:00
Modified
2024-12-05 14:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- memory corruption vulnerability
Summary
A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk products |
Version: 2023, 2022, 2021, 2020 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:00:14.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-29068",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T14:41:27.413833Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T14:41:43.199Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Autodesk products",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2022, 2021, 2020"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "memory corruption vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-29068",
"datePublished": "2023-06-27T00:00:00",
"dateReserved": "2023-03-30T00:00:00",
"dateUpdated": "2024-12-05T14:41:43.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25003 (GCVE-0-2023-25003)
Vulnerability from cvelistv5
Published
2023-06-23 00:00
Modified
2024-12-05 17:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- out-of-bound read write / read
Summary
A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | AutoCAD, Maya |
Version: 2023, 2022 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25003",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T17:09:59.558363Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T17:10:10.146Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": " AutoCAD, Maya ",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2022"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "out-of-bound read write / read",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-23T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-25003",
"datePublished": "2023-06-23T00:00:00",
"dateReserved": "2023-02-01T00:00:00",
"dateUpdated": "2024-12-05T17:10:10.146Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-25004 (GCVE-0-2023-25004)
Vulnerability from cvelistv5
Published
2023-06-27 00:00
Modified
2024-12-05 14:40
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Integer Overflow
Summary
A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Autodesk products |
Version: 2023, 2022, 2021, 2020 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:11:43.391Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-25004",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-05T14:39:57.188378Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-05T14:40:18.983Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Autodesk products",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "2023, 2022, 2021, 2020"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Integer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-27T00:00:00",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2023-25004",
"datePublished": "2023-06-27T00:00:00",
"dateReserved": "2023-02-01T00:00:00",
"dateUpdated": "2024-12-05T14:40:18.983Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}