CWE-416
Use After Free
The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.
CVE-2024-9725 (GCVE-0-2024-9725)
Vulnerability from cvelistv5 – Published: 2024-11-22 20:51 – Updated: 2024-12-04 21:39
VLAI
Title
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
Summary
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24109.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trimble | SketchUp Viewer |
Affected:
22.0.316.0
|
|
| trimble | sketchup_viewer |
Affected:
22.0.316.0
cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:* |
Date Public
2024-11-12 22:21
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sketchup_viewer",
"vendor": "trimble",
"versions": [
{
"status": "affected",
"version": "22.0.316.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9725",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T15:15:38.272749Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T21:39:22.435Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SketchUp Viewer",
"vendor": "Trimble",
"versions": [
{
"status": "affected",
"version": "22.0.316.0"
}
]
}
],
"dateAssigned": "2024-10-09T19:38:51.843Z",
"datePublic": "2024-11-12T22:21:50.544Z",
"descriptions": [
{
"lang": "en",
"value": "Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24109."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:51:52.444Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1478",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1478/"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-9725",
"datePublished": "2024-11-22T20:51:52.444Z",
"dateReserved": "2024-10-09T19:38:51.810Z",
"dateUpdated": "2024-12-04T21:39:22.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9727 (GCVE-0-2024-9727)
Vulnerability from cvelistv5 – Published: 2024-11-22 20:52 – Updated: 2024-12-04 21:39
VLAI
Title
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
Summary
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24111.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trimble | SketchUp Viewer |
Affected:
22.0.316.0
|
|
| trimble | sketchup_viewer |
Affected:
22.0.316.0
cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:* |
Date Public
2024-11-12 22:21
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sketchup_viewer",
"vendor": "trimble",
"versions": [
{
"status": "affected",
"version": "22.0.316.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9727",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T15:15:35.858526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T21:39:00.414Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SketchUp Viewer",
"vendor": "Trimble",
"versions": [
{
"status": "affected",
"version": "22.0.316.0"
}
]
}
],
"dateAssigned": "2024-10-09T19:38:59.170Z",
"datePublic": "2024-11-12T22:21:34.432Z",
"descriptions": [
{
"lang": "en",
"value": "Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24111."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:52:03.170Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1476",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1476/"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-9727",
"datePublished": "2024-11-22T20:52:03.170Z",
"dateReserved": "2024-10-09T19:38:59.155Z",
"dateUpdated": "2024-12-04T21:39:00.414Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9728 (GCVE-0-2024-9728)
Vulnerability from cvelistv5 – Published: 2024-11-22 20:52 – Updated: 2024-12-04 21:38
VLAI
Title
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
Summary
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24112.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trimble | SketchUp Viewer |
Affected:
22.0.316.0
|
|
| trimble | sketchup_viewer |
Affected:
22.0.316.0
cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:* |
Date Public
2024-11-12 22:22
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sketchup_viewer",
"vendor": "trimble",
"versions": [
{
"status": "affected",
"version": "22.0.316.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9728",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T15:15:34.527138Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T21:38:48.804Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SketchUp Viewer",
"vendor": "Trimble",
"versions": [
{
"status": "affected",
"version": "22.0.316.0"
}
]
}
],
"dateAssigned": "2024-10-09T19:39:05.488Z",
"datePublic": "2024-11-12T22:22:22.991Z",
"descriptions": [
{
"lang": "en",
"value": "Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24112."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:52:07.576Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1484",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1484/"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-9728",
"datePublished": "2024-11-22T20:52:07.576Z",
"dateReserved": "2024-10-09T19:39:05.473Z",
"dateUpdated": "2024-12-04T21:38:48.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9729 (GCVE-0-2024-9729)
Vulnerability from cvelistv5 – Published: 2024-11-22 20:52 – Updated: 2024-12-04 21:38
VLAI
Title
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
Summary
Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24144.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Trimble | SketchUp Viewer |
Affected:
22.0.316.0
|
|
| trimble | sketchup_viewer |
Affected:
22.0.316.0
cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:* |
Date Public
2024-10-11 22:10
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:trimble:sketchup_viewer:22.0.316.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sketchup_viewer",
"vendor": "trimble",
"versions": [
{
"status": "affected",
"version": "22.0.316.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9729",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-26T15:15:33.402450Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-04T21:38:37.686Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "SketchUp Viewer",
"vendor": "Trimble",
"versions": [
{
"status": "affected",
"version": "22.0.316.0"
}
]
}
],
"dateAssigned": "2024-10-09T19:39:09.999Z",
"datePublic": "2024-10-11T22:10:23.785Z",
"descriptions": [
{
"lang": "en",
"value": "Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of SKP files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24144."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T20:52:11.935Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1380",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1380/"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Trimble SketchUp Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-9729",
"datePublished": "2024-11-22T20:52:11.935Z",
"dateReserved": "2024-10-09T19:39:09.985Z",
"dateUpdated": "2024-12-04T21:38:37.686Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9732 (GCVE-0-2024-9732)
Vulnerability from cvelistv5 – Published: 2024-11-22 21:00 – Updated: 2024-11-25 15:15
VLAI
Title
Tungsten Automation Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability
Summary
Tungsten Automation Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of XPS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24385.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Tungsten Automation | Power PDF |
Affected:
5.0.0.10.0.23307
|
|
| tungstenautomation | power_pdf |
Affected:
5.0.0.10.0.23307 , < 5.1
(custom)
cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:* |
Date Public
2024-10-11 21:56
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "power_pdf",
"vendor": "tungstenautomation",
"versions": [
{
"lessThan": "5.1",
"status": "affected",
"version": "5.0.0.10.0.23307",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9732",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T15:09:55.430415Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T15:15:33.081Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Power PDF",
"vendor": "Tungsten Automation",
"versions": [
{
"status": "affected",
"version": "5.0.0.10.0.23307"
}
]
}
],
"dateAssigned": "2024-10-09T19:42:20.591Z",
"datePublic": "2024-10-11T21:56:32.763Z",
"descriptions": [
{
"lang": "en",
"value": "Tungsten Automation Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XPS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24385."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T21:00:40.170Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1337",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1337/"
}
],
"source": {
"lang": "en",
"value": "Rocco Calvi (@TecR0c) with TecSecurity"
},
"title": "Tungsten Automation Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-9732",
"datePublished": "2024-11-22T21:00:40.170Z",
"dateReserved": "2024-10-09T19:42:20.559Z",
"dateUpdated": "2024-11-25T15:15:33.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9748 (GCVE-0-2024-9748)
Vulnerability from cvelistv5 – Published: 2024-11-22 21:00 – Updated: 2024-11-25 15:15
VLAI
Title
Tungsten Automation Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability
Summary
Tungsten Automation Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of XPS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24464.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Tungsten Automation | Power PDF |
Affected:
5.0.0.10.0.23307
|
|
| tungstenautomation | power_pdf |
Affected:
5.0.0.10.0.23307 , < 5.1
(custom)
cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:* |
Date Public
2024-10-11 21:56
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "power_pdf",
"vendor": "tungstenautomation",
"versions": [
{
"lessThan": "5.1",
"status": "affected",
"version": "5.0.0.10.0.23307",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9748",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T15:09:48.064028Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T15:15:32.828Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Power PDF",
"vendor": "Tungsten Automation",
"versions": [
{
"status": "affected",
"version": "5.0.0.10.0.23307"
}
]
}
],
"dateAssigned": "2024-10-09T19:43:28.212Z",
"datePublic": "2024-10-11T21:56:48.555Z",
"descriptions": [
{
"lang": "en",
"value": "Tungsten Automation Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of XPS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24464."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T21:00:49.020Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1339",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1339/"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Tungsten Automation Power PDF XPS File Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-9748",
"datePublished": "2024-11-22T21:00:49.020Z",
"dateReserved": "2024-10-09T19:43:28.192Z",
"dateUpdated": "2024-11-25T15:15:32.828Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9764 (GCVE-0-2024-9764)
Vulnerability from cvelistv5 – Published: 2024-11-22 21:02 – Updated: 2024-11-25 15:15
VLAI
Title
Tungsten Automation Power PDF PDF File Parsing Use-After-Free Remote Code Execution Vulnerability
Summary
Tungsten Automation Power PDF PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24480.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Tungsten Automation | Power PDF |
Affected:
5.0.0.10.0.23307
|
|
| tungstenautomation | power_pdf |
Affected:
5.0.0.10.0.23307 , < 5.1
(custom)
cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:* |
Date Public
2024-10-11 21:59
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:tungstenautomation:power_pdf:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "power_pdf",
"vendor": "tungstenautomation",
"versions": [
{
"lessThan": "5.1",
"status": "affected",
"version": "5.0.0.10.0.23307",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9764",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-25T15:09:28.578198Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-25T15:15:32.239Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Power PDF",
"vendor": "Tungsten Automation",
"versions": [
{
"status": "affected",
"version": "5.0.0.10.0.23307"
}
]
}
],
"dateAssigned": "2024-10-09T19:44:34.469Z",
"datePublic": "2024-10-11T21:59:58.748Z",
"descriptions": [
{
"lang": "en",
"value": "Tungsten Automation Power PDF PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24480."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-22T21:02:17.678Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-1362",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1362/"
}
],
"source": {
"lang": "en",
"value": "Mat Powell of Trend Micro Zero Day Initiative"
},
"title": "Tungsten Automation Power PDF PDF File Parsing Use-After-Free Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-9764",
"datePublished": "2024-11-22T21:02:17.678Z",
"dateReserved": "2024-10-09T19:44:34.448Z",
"dateUpdated": "2024-11-25T15:15:32.239Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9826 (GCVE-0-2024-9826)
Vulnerability from cvelistv5 – Published: 2024-10-29 21:14 – Updated: 2025-08-26 18:39
VLAI
Title
Autodesk AutoCAD ACTranslators 3DM File Parsing Use-After-Free Code Execution Vulnerability
Summary
A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
1 reference
Impacted products
9 products
| Vendor | Product | Version | |
|---|---|---|---|
| Autodesk | AutoCAD |
Affected:
2025 , < 2025.1.1
(custom)
Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* |
|
| Autodesk | AutoCAD Architecture |
Affected:
2025 , < 2025.1.1
(custom)
Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:* |
|
| Autodesk | AutoCAD Electrical |
Affected:
2025 , < 2025.1.1
(custom)
Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:* |
|
| Autodesk | AutoCAD MAP 3D |
Affected:
2025 , < 2025.1.1
(custom)
Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:* |
|
| Autodesk | AutoCAD Mechanical |
Affected:
2025 , < 2025.1.1
(custom)
Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:* |
|
| Autodesk | AutoCAD MEP |
Affected:
2025 , < 2025.1.1
(custom)
Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:* |
|
| Autodesk | AutoCAD Plant 3D |
Affected:
2025 , < 2025.1.1
(custom)
Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:* |
|
| Autodesk | Civil 3D |
Affected:
2025 , < 2025.1.1
(custom)
Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:* |
|
| Autodesk | Advance Steel |
Affected:
2025 , < 2025.1.1
(custom)
Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9826",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:37.301745Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:01:50.007Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T18:39:48.177Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD ACTranslators 3DM File Parsing Use-After-Free Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-9826",
"datePublished": "2024-10-29T21:14:31.382Z",
"dateReserved": "2024-10-10T18:38:23.523Z",
"dateUpdated": "2025-08-26T18:39:48.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9979 (GCVE-0-2024-9979)
Vulnerability from cvelistv5 – Published: 2024-10-15 14:01 – Updated: 2025-11-20 19:59
VLAI
Title
Pyo3: risk of use-after-free in `borrowed` reads from python weak references
Summary
A flaw was found in PyO3. This vulnerability causes a use-after-free issue, potentially leading to memory corruption or crashes via unsound borrowing from weak Python references.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://access.redhat.com/security/cve/CVE-2024-9979 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2318646 | issue-trackingx_refsource_REDHAT |
| https://crates.io/crates/pyo3 | |
| https://github.com/PyO3/pyo3/pull/4590 | |
| https://rustsec.org/advisories/RUSTSEC-2024-0378.html |
Impacted products
5 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
0.22.0 , < 0.22.4
(semver)
|
|||
| Red Hat | Red Hat Ansible Automation Platform 2 |
cpe:/a:redhat:ansible_automation_platform:2 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
Date Public
2024-10-12 12:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9979",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T14:19:04.359472Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T14:25:37.340Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/PyO3/pyo3",
"defaultStatus": "unaffected",
"packageName": "pyo3",
"versions": [
{
"lessThan": "0.22.4",
"status": "affected",
"version": "0.22.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3.11-nh3",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"packageName": "python3.11-rpds-py",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"packageName": "python-rpds-py",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "python3.11-cryptography",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "python3.12-cryptography",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "python3.11-cryptography",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "python3.12-cryptography",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
}
],
"datePublic": "2024-10-12T12:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in PyO3. This vulnerability causes a use-after-free issue, potentially leading to memory corruption or crashes via unsound borrowing from weak Python references."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T19:59:29.920Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-9979"
},
{
"name": "RHBZ#2318646",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318646"
},
{
"url": "https://crates.io/crates/pyo3"
},
{
"url": "https://github.com/PyO3/pyo3/pull/4590"
},
{
"url": "https://rustsec.org/advisories/RUSTSEC-2024-0378.html"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-10-14T21:01:23.698Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-10-12T12:00:00.000Z",
"value": "Made public."
}
],
"title": "Pyo3: risk of use-after-free in `borrowed` reads from python weak references",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_redhatCweChain": "CWE-416: Use After Free"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-9979",
"datePublished": "2024-10-15T14:01:54.309Z",
"dateReserved": "2024-10-15T06:47:28.744Z",
"dateUpdated": "2025-11-20T19:59:29.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-0015 (GCVE-0-2025-0015)
Vulnerability from cvelistv5 – Published: 2025-02-03 10:21 – Updated: 2025-02-03 15:49
VLAI
Title
Mali GPU Kernel Driver allows improper GPU processing operations
Summary
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to make improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0; Arm 5th Gen GPU Architecture Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0.
Severity
7.8 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-416 - Use After Free
Assigner
References
1 reference
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Arm Ltd | Valhall GPU Kernel Driver |
Affected:
r48p0 , ≤ r49p1
(patch)
Affected: r50p0 , ≤ r52p0 (patch) |
|
| Arm Ltd | Arm 5th Gen GPU Architecture Kernel Driver |
Affected:
r48p0 , ≤ r49p1
(patch)
Affected: r50p0 , ≤ r52p0 (patch) |
Date Public
2025-02-03 09:30
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-0015",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-03T15:48:21.279663Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-03T15:49:50.132Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Valhall GPU Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r49p2",
"status": "unaffected"
}
],
"lessThanOrEqual": "r49p1",
"status": "affected",
"version": "r48p0",
"versionType": "patch"
},
{
"changes": [
{
"at": "r53p0",
"status": "unaffected"
}
],
"lessThanOrEqual": "r52p0",
"status": "affected",
"version": "r50p0",
"versionType": "patch"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Arm 5th Gen GPU Architecture Kernel Driver",
"vendor": "Arm Ltd",
"versions": [
{
"changes": [
{
"at": "r49p2",
"status": "unaffected"
}
],
"lessThanOrEqual": "r49p1",
"status": "affected",
"version": "r48p0",
"versionType": "patch"
},
{
"changes": [
{
"at": "r53p0",
"status": "unaffected"
}
],
"lessThanOrEqual": "r52p0",
"status": "affected",
"version": "r50p0",
"versionType": "patch"
}
]
}
],
"datePublic": "2025-02-03T09:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to make improper GPU processing operations to gain access to already freed memory.\u003cp\u003eThis issue affects Valhall GPU Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0; Arm 5th Gen GPU Architecture Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0.\u003c/p\u003e"
}
],
"value": "Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to make improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0; Arm 5th Gen GPU Architecture Kernel Driver: from r48p0 through r49p1, from r50p0 through r52p0."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-03T10:21:12.696Z",
"orgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"shortName": "Arm"
},
"references": [
{
"url": "https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue is fixed in the Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p2 and r53p0. Users are recommended to upgrade if they are impacted by this issue. \u003cbr\u003e"
}
],
"value": "This issue is fixed in the Valhall and Arm 5th Gen GPU Architecture Kernel Driver r49p2 and r53p0. Users are recommended to upgrade if they are impacted by this issue."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Mali GPU Kernel Driver allows improper GPU processing operations",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "56a131ea-b967-4a0d-a41e-5f3549952846",
"assignerShortName": "Arm",
"cveId": "CVE-2025-0015",
"datePublished": "2025-02-03T10:21:12.696Z",
"dateReserved": "2024-10-17T15:12:32.433Z",
"dateUpdated": "2025-02-03T15:49:50.132Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Strategy: Language Selection
Description:
- Choose a language that provides automatic memory management.
Mitigation
Phase: Implementation
Strategy: Attack Surface Reduction
Description:
- When freeing pointers, be sure to set them to NULL once they are freed. However, the utilization of multiple or complex data structures may lower the usefulness of this strategy.
No CAPEC attack patterns related to this CWE.