CVE-2024-23143

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Autodesk AutoCAD (affected versions not specified)

Description: A maliciously crafted 3DM, MODEL, and X B file can force an Out-of-Bound Read and/or Out-of-Bound Write when parsed in ASMkern229A.dll and ASMBASE229A.dll through Autodesk applications. This can allow a malicious actor to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out of bounds Read

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125CWE-787

Related Identifiers

BDU:2024-09565

CVE-2024-23143

ZDI-24-696

ZDI-24-697

ZDI-24-698

ZDI-24-712

ZDI-24-717

ZDI-24-719

ZDI-24-722

ZDI-24-725

Affected Products

Autodesk Autocad

CVE-2024-23143

Weakness Enumeration

Related Identifiers

Affected Products

References · 22