cve-2023-25003
Vulnerability from cvelistv5
Published
2023-06-23 00:00
Modified
2024-12-05 17:10
Severity ?
Summary
A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:11:43.401Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-25003",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-05T17:09:59.558363Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-05T17:10:10.146Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": " AutoCAD, Maya ",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2023, 2022"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "out-of-bound read write / read",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-23T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2023-25003",
    "datePublished": "2023-06-23T00:00:00",
    "dateReserved": "2023-02-01T00:00:00",
    "dateUpdated": "2024-12-05T17:10:10.146Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-25003\",\"sourceIdentifier\":\"psirt@autodesk.com\",\"published\":\"2023-06-23T19:15:08.983\",\"lastModified\":\"2024-11-21T07:48:54.767\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"},{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"19760052-9480-46D8-B5A3-7F6FE3F74ED6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2020\",\"versionEndExcluding\":\"2020.1.6\",\"matchCriteriaId\":\"5269098B-1C20-4754-99F9-0A6B97E1490D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.3\",\"matchCriteriaId\":\"00EACCCC-CD89-490B-BBC1-F06EA6867AFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"5829F52D-F61C-4B79-B724-3388B1B1723A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"70C48E66-DF91-4F0B-B93D-F6372BFC55C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2020\",\"versionEndExcluding\":\"2020.1.6\",\"matchCriteriaId\":\"B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.3\",\"matchCriteriaId\":\"179FB815-E469-42A1-91CB-B766891C7552\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"CCB04040-8C83-4381-B762-61F0ED8C8CC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"57C7CD03-53D7-4224-82AE-F7CD929E3F92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2020\",\"versionEndExcluding\":\"2020.1.6\",\"matchCriteriaId\":\"05FD0056-F524-4475-BB41-0A4CC6E7A3EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.3\",\"matchCriteriaId\":\"ADE81778-A65F-4A23-BDAC-AC28434E0887\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"D042F7CF-2694-437E-B60A-4C324EBAB1F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"DF68C32D-7015-4513-BEB2-2CFD08DC799B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2020\",\"versionEndExcluding\":\"2020.1.6\",\"matchCriteriaId\":\"C5FC936E-91AC-4810-9A34-7384096A4922\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.3\",\"matchCriteriaId\":\"D284FACA-DB0C-4182-96B7-F46EE28B0C54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"5A628855-3BE7-4B40-AFB7-7819CBD88D21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"A42B62B9-0ABA-4BE8-9115-6E633664FCE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2020\",\"versionEndExcluding\":\"2020.1.6\",\"matchCriteriaId\":\"6A46B444-4436-4101-ABF8-DCF3F4E75D18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.3\",\"matchCriteriaId\":\"E8994887-8E6A-4F6D-8A52-AB676E251B9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"731F5891-D398-49AE-BA04-179D9FD18ED2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"E009D956-E27B-435B-A308-9279A7DA2087\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2020\",\"versionEndExcluding\":\"2020.1.6\",\"matchCriteriaId\":\"07A37B8B-7345-463B-A074-D8C2F242A311\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.3\",\"matchCriteriaId\":\"85F1017C-4552-4A97-B911-8785EF5DC9A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"0982CCA5-8834-43D7-8596-F330D7A0A52B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"B937A033-FDA2-461E-8697-2341A9DE23DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2020\",\"versionEndExcluding\":\"2020.1.6\",\"matchCriteriaId\":\"A971D35C-8570-48E2-A6A6-0B2B5966BA56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.3\",\"matchCriteriaId\":\"4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"6FABCBE5-BF7B-4D2E-A886-8D38B3B82872\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"19A43BB0-22A6-4715-B556-1DE7CDCAF616\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2020\",\"versionEndExcluding\":\"2020.1.6\",\"matchCriteriaId\":\"CF5BB84E-2F7B-4CC5-81F2-884562C1A18A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.3\",\"matchCriteriaId\":\"3E60EF97-0AA1-480F-B03E-26709C58030F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"DE681603-E303-4759-B301-37BACF233C76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2020\",\"versionEndExcluding\":\"2020.1.6\",\"matchCriteriaId\":\"29A021AB-AFB3-473C-8111-AB0C9D10C805\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.3\",\"matchCriteriaId\":\"48F4A0E1-8004-40DF-8700-35B6BE99F3C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"D1456E3E-3B38-42E2-96FE-B14361E30CB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"E9601144-D1E1-4F8A-A6C0-447E17F14337\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2020\",\"versionEndExcluding\":\"2020.1.6\",\"matchCriteriaId\":\"2AA1C57D-9B7E-438B-AD71-784F29B8A185\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.3\",\"matchCriteriaId\":\"21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.3\",\"matchCriteriaId\":\"74942A53-8D7E-4706-B9C3-EB1C03488684\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.1\",\"matchCriteriaId\":\"4B95D329-E683-4128-8FC4-300CA974F1F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.2\",\"matchCriteriaId\":\"FE68AFE1-0F44-4B37-87E5-C7D658186425\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1\",\"matchCriteriaId\":\"089B7B95-60DC-44AD-A3A8-0F4844CEFB22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1\",\"matchCriteriaId\":\"1F89B484-5A9E-4C22-A9F7-976EF556C08A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.5\",\"matchCriteriaId\":\"DB97A508-D0AC-47D2-8CA3-156063FFC136\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.4\",\"matchCriteriaId\":\"D35916C1-A782-42AC-B4D4-4131D8F430C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.3.1\",\"matchCriteriaId\":\"7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.5\",\"matchCriteriaId\":\"8389D668-78CB-4CF9-85E0-E37A10D35698\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.3\",\"matchCriteriaId\":\"35B34667-2549-4EEE-B4F6-930DF7A7A8EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.4\",\"matchCriteriaId\":\"BB7E7583-0389-4959-B08E-BA433A32A84C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.2\",\"matchCriteriaId\":\"E32A04AB-5C19-4328-9240-5A030E904726\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.8\",\"matchCriteriaId\":\"3392ACCC-079C-4AF8-A0A8-408711C9D094\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.4\",\"matchCriteriaId\":\"CDF50B0E-69C5-4AD9-8C85-E695834E51BE\"}]}]}],\"references\":[{\"url\":\"https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009\",\"source\":\"psirt@autodesk.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.