PT-2024-19681 · Autodesk · Autodesk Autocad

Published

2024-02-12

Updated

2025-04-11

CVE-2024-23131

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Autodesk AutoCAD (affected versions not specified)

Description A maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll, or ASMDATAX228A.dll through Autodesk applications, can lead to a memory corruption issue by write access violation. This issue, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2024-23131

ZDI-24-130

ZDI-24-134

ZDI-24-135

ZDI-24-139

ZDI-24-151

ZDI-24-154

ZDI-24-720

ZDI-24-743

ZDI-24-746

ZDI-24-747

ZDI-24-751

ZDI-24-752

ZDI-24-754

ZDI-24-757

ZDI-24-758

ZDI-24-759

ZDI-24-760

ZDI-24-761

ZDI-24-762

ZDI-24-763

ZDI-24-764

ZDI-24-765

ZDI-24-766

ZDI-24-768

ZDI-24-770

ZDI-24-773

Affected Products

Autodesk Autocad

PT-2024-19681 · Autodesk · Autodesk Autocad

CVE-2024-23131

Weakness Enumeration

Related Identifiers

Affected Products

References · 38