CVE-2024-23137

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Autodesk AutoCAD (affected versions not specified)

Description A maliciously crafted STP or SLDPRT file, when parsed in ODXSW DLL.dll through Autodesk applications, can be used to access uninitialized variables. This issue, combined with other vulnerabilities, can lead to code execution in the current process.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908CWE-457

Related Identifiers

CVE-2024-23137

ZDI-24-142

ZDI-24-734

ZDI-24-745

Affected Products

Autodesk Autocad

CVE-2024-23137

Weakness Enumeration

Related Identifiers

Affected Products

References · 12