Vulnerability-Lookup - Search a vulnerability

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

FKIE_CVE-2025-5039

Vulnerability from fkie_nvd - Published: 2025-07-24 17:15 - Updated: 2025-08-19 14:15

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.

References

	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/products/autodesk-access/overview
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	infrastructure_parts_editor	*
autodesk	inventor	*
autodesk	navisworks_manage	*
autodesk	navisworks_simulate	*
autodesk	revit	*
autodesk	vault	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03EE8BC1-4EC3-49E3-9C1C-CFBD8C531ECD",
              "versionEndExcluding": "2026.0.2",
              "versionStartIncluding": "2026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF7D5DEC-D172-49F2-89AE-9BFC5DFE98A6",
              "versionEndExcluding": "2026.0.2",
              "versionStartIncluding": "2026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks_manage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E916918-4CF5-4628-BD1B-C6FA94CBB353",
              "versionEndExcluding": "2026.0.2",
              "versionStartIncluding": "2026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks_simulate:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5AB26D6-C349-48FB-9A09-C32C987904A8",
              "versionEndExcluding": "2026.0.2",
              "versionStartIncluding": "2026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B92B643-9C29-4604-8967-EB7A238120AB",
              "versionEndExcluding": "2026.0.2",
              "versionStartIncluding": "2026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAA7B4A5-345D-47E2-B295-0AF2BE88C19E",
              "versionEndExcluding": "2026.0.2",
              "versionStartIncluding": "2026",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized."
    },
    {
      "lang": "es",
      "value": "Un archivo binario manipulado con fines malintencionados, cuando est\u00e1 presente durante la carga de archivos en ciertas aplicaciones de Autodesk, podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del proceso actual debido al uso de una ruta de b\u00fasqueda no confiable."
    }
  ],
  "id": "CVE-2025-5039",
  "lastModified": "2025-08-19T14:15:40.773",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@autodesk.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-07-24T17:15:32.817",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/autodesk-access/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-426"
        }
      ],
      "source": "psirt@autodesk.com",
      "type": "Secondary"
    }
  ]
}

FKIE_CVE-2025-1276

Vulnerability from fkie_nvd - Published: 2025-04-15 21:15 - Updated: 2025-08-19 13:15

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

References

URL	Tags
psirt@autodesk.com	https://www.autodesk.com/products/autodesk-access/overview
psirt@autodesk.com	https://www.autodesk.com/products/dwg-trueview/overview
psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	advance_steel	*
autodesk	advance_steel	*
autodesk	advance_steel	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	civil_3d	*
autodesk	civil_3d	*
autodesk	civil_3d	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	navisworks_manage	*
autodesk	navisworks_manage	*
autodesk	navisworks_simulate	*
autodesk	navisworks_simulate	*
autodesk	revit	*
autodesk	revit	*
autodesk	vault	*
autodesk	vault	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6635B2E-79F9-4E17-91DE-3147AEAAECD3",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF0503B6-5889-44EA-82BD-8975C69DC4EF",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B8EE53-5CD1-4CC9-9829-ED06BEB742C8",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "BAA7DE4E-9D9D-4A3C-9813-1ECA420CA55D",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "973B1CE6-8763-42F4-9E43-46CA1C0398FE",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "6DF31D4A-4E66-4425-98C3-3A4172F27634",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C5628D4-B66A-4D97-A079-0288AB4A78D1",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7063D783-E671-421A-99D2-AC6DFAAA298C",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DDEB087-1A78-402D-A50F-64A172B941D3",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D6F5A94-EE54-43B3-955F-7C3615D6E0E0",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC07F09-9A3B-4E9B-9A06-D9AC6DD82535",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F923BEB3-D0A6-4FB8-95CA-4AF1369FAB08",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "3B8C034F-57BD-4F6D-B6F0-904FC1212CBB",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "5A34FC4A-17E3-4F32-AF55-146A3E0A8D73",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "DACE53EA-C06D-4BAD-A47C-2AD7D9BA3FC7",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E920B994-CFAF-4585-BBFB-5BB453BB091A",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A19D6B-8863-4A0C-9422-53EF25653A22",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E858EBC9-08A6-480C-A896-C15A1D89FAF7",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD9F716E-DA62-473B-8057-D5C1ED9A6068",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F24D151E-23F1-4EBF-8949-088F6A95C2F0",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C6BBD42-FFD8-474D-8ABA-A614B5F74508",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "78DB2C5D-9640-45E1-9D5C-12514E9C6C1B",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00A20CE8-64D8-4F4B-9BF8-84A5D691051E",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "939BC44C-8CF2-4BA7-AC06-71B679BDF69A",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54718FCB-A8EE-4852-B406-0D3A41633A4F",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC171BB-5A63-4D93-BAB4-E4C0743686C9",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AD85595-32CE-4517-A17F-E3E48114EE6B",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FC6A58E-5F08-4D92-8640-D21C24A34B85",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84402AA2-842C-4F45-BEEE-01B4399F8A2D",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2E4D88D-B3B5-42A9-B3B6-E95BDCC1E805",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB3814C7-89F1-4769-A667-8A941FECFECA",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5615AA3-02AB-41E6-B207-C8E2BF14381B",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68D32CA8-DAE5-454E-9611-6DC7D39936B6",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ACA58FE-046E-47D0-B091-58725ABC1D5E",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06EEA81D-D2D2-4553-8B50-7CF851D2F451",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2D3721-3DFB-4BF2-AB50-F7FB5D582DFB",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33271DFE-EA9E-470B-889C-920D7CC014D9",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks_manage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C24857A-342D-4B37-89D7-BAD0C71D58F1",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks_manage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B7FDC4-BEC1-4F90-A112-6960176F6748",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks_simulate:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28734A5D-CAEB-4F94-9892-DA3F45E3DA41",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks_simulate:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B72D634-D894-406F-81F0-2421BA22FFAD",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "328F43A7-346C-4C9D-8153-74497327D053",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C38D944-8471-47A0-AFAC-ECA76CB58E57",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C6486EE-BCC7-469A-B5B7-B9950B1DEF67",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "611BC4BF-41BF-46D9-ADB2-92B6CBAB9FBE",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
    },
    {
      "lang": "es",
      "value": "Un archivo DWG manipulado con fines maliciosos, al analizarse mediante ciertas aplicaciones de Autodesk, puede forzar una vulnerabilidad de escritura fuera de los l\u00edmites. Un agente malicioso podr\u00eda aprovechar esta vulnerabilidad para provocar un bloqueo, da\u00f1ar datos o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
    }
  ],
  "id": "CVE-2025-1276",
  "lastModified": "2025-08-19T13:15:39.800",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@autodesk.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-04-15T21:15:47.320",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/autodesk-access/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/dwg-trueview/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@autodesk.com",
      "type": "Secondary"
    }
  ]
}

FKIE_CVE-2023-29068

Vulnerability from fkie_nvd - Published: 2023-06-27 19:15 - Updated: 2024-11-21 07:56

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

References

	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	alias	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	maya_usd	*
autodesk	maya_usd	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	revit	*
autodesk	vred	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
              "versionEndExcluding": "2022.1",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
              "versionEndExcluding": "2023.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
              "versionEndExcluding": "2021.5",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
              "versionEndExcluding": "2022.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
              "versionEndExcluding": "2023.3.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
              "versionEndExcluding": "2022.5",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
              "versionEndExcluding": "2023.3",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
              "versionEndExcluding": "2022.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
              "versionEndExcluding": "2023.2",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
              "versionEndExcluding": "2021.1.8",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
              "versionEndExcluding": "2023.4",
              "versionStartIncluding": "2023",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
    }
  ],
  "id": "CVE-2023-29068",
  "lastModified": "2024-11-21T07:56:29.737",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-06-27T19:15:09.457",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2023-25004

Vulnerability from fkie_nvd - Published: 2023-06-27 19:15 - Updated: 2024-11-21 07:48

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.

References

	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	alias	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	maya_usd	*
autodesk	maya_usd	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	revit	*
autodesk	vred	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
              "versionEndExcluding": "2022.1",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
              "versionEndExcluding": "2023.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
              "versionEndExcluding": "2021.5",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
              "versionEndExcluding": "2022.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
              "versionEndExcluding": "2023.3.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
              "versionEndExcluding": "2022.5",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
              "versionEndExcluding": "2023.3",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
              "versionEndExcluding": "2022.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
              "versionEndExcluding": "2023.2",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
              "versionEndExcluding": "2021.1.8",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
              "versionEndExcluding": "2023.4",
              "versionStartIncluding": "2023",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
    }
  ],
  "id": "CVE-2023-25004",
  "lastModified": "2024-11-21T07:48:54.893",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-06-27T19:15:09.383",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-190"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2023-25003

Vulnerability from fkie_nvd - Published: 2023-06-23 19:15 - Updated: 2024-11-21 07:48

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.

References

	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	alias	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	maya_usd	*
autodesk	maya_usd	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	revit	*
autodesk	vred	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19760052-9480-46D8-B5A3-7F6FE3F74ED6",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5269098B-1C20-4754-99F9-0A6B97E1490D",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00EACCCC-CD89-490B-BBC1-F06EA6867AFD",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5829F52D-F61C-4B79-B724-3388B1B1723A",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70C48E66-DF91-4F0B-B93D-F6372BFC55C9",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85E0DDB-60A9-4AEA-BAA3-34E8DF25BF96",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "179FB815-E469-42A1-91CB-B766891C7552",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCB04040-8C83-4381-B762-61F0ED8C8CC0",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C7CD03-53D7-4224-82AE-F7CD929E3F92",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "05FD0056-F524-4475-BB41-0A4CC6E7A3EA",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE81778-A65F-4A23-BDAC-AC28434E0887",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D042F7CF-2694-437E-B60A-4C324EBAB1F0",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF68C32D-7015-4513-BEB2-2CFD08DC799B",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5FC936E-91AC-4810-9A34-7384096A4922",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D284FACA-DB0C-4182-96B7-F46EE28B0C54",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A628855-3BE7-4B40-AFB7-7819CBD88D21",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A42B62B9-0ABA-4BE8-9115-6E633664FCE6",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A46B444-4436-4101-ABF8-DCF3F4E75D18",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8994887-8E6A-4F6D-8A52-AB676E251B9F",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "731F5891-D398-49AE-BA04-179D9FD18ED2",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E009D956-E27B-435B-A308-9279A7DA2087",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07A37B8B-7345-463B-A074-D8C2F242A311",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "85F1017C-4552-4A97-B911-8785EF5DC9A6",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0982CCA5-8834-43D7-8596-F330D7A0A52B",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B937A033-FDA2-461E-8697-2341A9DE23DB",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A971D35C-8570-48E2-A6A6-0B2B5966BA56",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C0FA7D7-85D0-4E32-950E-1DE6D0C4342C",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FABCBE5-BF7B-4D2E-A886-8D38B3B82872",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19A43BB0-22A6-4715-B556-1DE7CDCAF616",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF5BB84E-2F7B-4CC5-81F2-884562C1A18A",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E60EF97-0AA1-480F-B03E-26709C58030F",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC2B3E51-4AAD-4A1E-951D-6428A0C8D6BA",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE681603-E303-4759-B301-37BACF233C76",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29A021AB-AFB3-473C-8111-AB0C9D10C805",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48F4A0E1-8004-40DF-8700-35B6BE99F3C0",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1456E3E-3B38-42E2-96FE-B14361E30CB2",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9601144-D1E1-4F8A-A6C0-447E17F14337",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA1C57D-9B7E-438B-AD71-784F29B8A185",
              "versionEndExcluding": "2020.1.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21BE9909-DAA0-4A7C-8AAA-42A984FA0AF0",
              "versionEndExcluding": "2021.1.3",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "74942A53-8D7E-4706-B9C3-EB1C03488684",
              "versionEndExcluding": "2022.1.3",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B95D329-E683-4128-8FC4-300CA974F1F1",
              "versionEndExcluding": "2023.1.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "089B7B95-60DC-44AD-A3A8-0F4844CEFB22",
              "versionEndExcluding": "2022.1",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F89B484-5A9E-4C22-A9F7-976EF556C08A",
              "versionEndExcluding": "2023.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB97A508-D0AC-47D2-8CA3-156063FFC136",
              "versionEndExcluding": "2021.5",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D35916C1-A782-42AC-B4D4-4131D8F430C3",
              "versionEndExcluding": "2022.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A104E6A-8018-4F7F-ADBB-C1F3B29E4F8A",
              "versionEndExcluding": "2023.3.1",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8389D668-78CB-4CF9-85E0-E37A10D35698",
              "versionEndExcluding": "2022.5",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35B34667-2549-4EEE-B4F6-930DF7A7A8EA",
              "versionEndExcluding": "2023.3",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7E7583-0389-4959-B08E-BA433A32A84C",
              "versionEndExcluding": "2022.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E32A04AB-5C19-4328-9240-5A030E904726",
              "versionEndExcluding": "2023.2",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3392ACCC-079C-4AF8-A0A8-408711C9D094",
              "versionEndExcluding": "2021.1.8",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDF50B0E-69C5-4AD9-8C85-E695834E51BE",
              "versionEndExcluding": "2023.4",
              "versionStartIncluding": "2023",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
    }
  ],
  "id": "CVE-2023-25003",
  "lastModified": "2024-11-21T07:48:54.767",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-06-23T19:15:08.983",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        },
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2021-40162

Vulnerability from fkie_nvd - Published: 2022-10-07 18:15 - Updated: 2024-11-21 06:23

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

References

	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	fusion	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	2021
autodesk	infrastructure_parts_editor	2022
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2022.0
autodesk	infraworks	2022.0
autodesk	infraworks	2022.1
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	2022
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	2019
autodesk	storm_and_sanitary_analysis	2022

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
              "versionEndExcluding": "2020.3.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
              "versionEndExcluding": "2021.2.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
              "versionEndExcluding": "2022.2.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
              "matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
              "matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
              "matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
              "versionEndExcluding": "2022.1.1",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
              "versionEndExcluding": "2.0.11405",
              "versionStartIncluding": "2.0.10356",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
              "versionEndExcluding": "2019.2.2",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
              "versionEndExcluding": "2020.0.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
              "matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
              "versionEndExcluding": "2019.3",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
              "versionEndExcluding": "2020.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
              "matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
              "versionEndExcluding": "2019.6",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
              "versionEndExcluding": "2019.7",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
              "versionEndExcluding": "2019.2.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
              "versionEndExcluding": "2020.2.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
              "versionEndExcluding": "2021.1.5",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
              "versionEndExcluding": "2020.3.1",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
              "versionEndExcluding": "2021.3.1",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "Los archivos TIF, PICT, TGA o RLC dise\u00f1ados de forma maliciosa en el componente de procesamiento de im\u00e1genes de Autodesk pueden ser forzados a leer m\u00e1s all\u00e1 de los l\u00edmites asignados cuando son analizados los archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
    }
  ],
  "id": "CVE-2021-40162",
  "lastModified": "2024-11-21T06:23:42.010",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-10-07T18:15:14.383",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2021-40164

Vulnerability from fkie_nvd - Published: 2022-10-07 18:15 - Updated: 2024-11-21 06:23

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code.

References

	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	fusion	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	2021
autodesk	infrastructure_parts_editor	2022
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2022.0
autodesk	infraworks	2022.0
autodesk	infraworks	2022.1
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	2022
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	2019
autodesk	storm_and_sanitary_analysis	2022

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
              "versionEndExcluding": "2020.3.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
              "versionEndExcluding": "2021.2.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
              "versionEndExcluding": "2022.2.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
              "matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
              "matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
              "matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
              "versionEndExcluding": "2022.1.1",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
              "versionEndExcluding": "2.0.11405",
              "versionStartIncluding": "2.0.10356",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
              "versionEndExcluding": "2019.2.2",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
              "versionEndExcluding": "2020.0.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
              "matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
              "versionEndExcluding": "2019.3",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
              "versionEndExcluding": "2020.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
              "matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
              "versionEndExcluding": "2019.6",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
              "versionEndExcluding": "2019.7",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
              "versionEndExcluding": "2019.2.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
              "versionEndExcluding": "2020.2.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
              "versionEndExcluding": "2021.1.5",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
              "versionEndExcluding": "2020.3.1",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
              "versionEndExcluding": "2021.3.1",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "Podr\u00eda producirse un desbordamiento del b\u00fafer en la regi\u00f3n heap de la memoria pila mientras son analizados archivos TIFF, PICT, TGA o RLC. Esta vulnerabilidad puede ser explotada para ejecutar c\u00f3digo arbitrario"
    }
  ],
  "id": "CVE-2021-40164",
  "lastModified": "2024-11-21T06:23:42.310",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-10-07T18:15:14.560",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2021-40163

Vulnerability from fkie_nvd - Published: 2022-10-07 18:15 - Updated: 2024-11-21 06:23

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component.

References

	URL	Tags
	psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_advance_steel	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_civil_3d	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_lt	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	design_review	2018
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	dwg_trueview	*
autodesk	fusion	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	*
autodesk	infrastructure_parts_editor	2021
autodesk	infrastructure_parts_editor	2022
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	*
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2019.3
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2020.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2021.2
autodesk	infraworks	2022.0
autodesk	infraworks	2022.0
autodesk	infraworks	2022.1
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	inventor	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	navisworks	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	*
autodesk	revit	2022
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	*
autodesk	storm_and_sanitary_analysis	2019
autodesk	storm_and_sanitary_analysis	2022

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0E84020-F179-4AF3-BF9C-6D27259B2847",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87941CE7-7F89-4A09-BBE8-A0D829273A63",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F98B75B-1471-42A7-BCDA-95F7E65B7FD1",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C5F50DF-4792-4A29-BB21-5821CA5E3A22",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "183990CB-4AA2-4EEE-8A14-8BF3AD203347",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A416E4B-0910-45FB-B468-A6D159C6FD11",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A873E71-BC29-43BC-AFB2-98C06AE29F3B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED3A19CA-3D6A-42D6-86C5-6B4E494064FF",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9338B09-BCD8-4E67-A331-1B8D5FB5DA24",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F616B84F-B471-43B9-BC5D-BA6CCE461F56",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD0B37E9-4987-4B96-9B31-6168961E1496",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9466EE6-83C9-492F-8486-F3E6C1DD9F5A",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20371433-EA59-442E-947A-CF0A6AFD750C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF176D9D-1FAE-42DA-B03C-5A3E66408D52",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD0CB6CF-53F6-4FED-8BE5-F3E31832237F",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "145CD700-BC3E-4F2B-82ED-FA51A0296C67",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86CF88E0-A49D-4528-8135-6BE5C9E5DD7C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E716111F-273B-48DF-ADEA-44BADE5E7FEB",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71FA0271-BE55-48AD-B88D-34645684E9DE",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DD91E39-A3D8-4806-A778-608FD6C29BB2",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77A1562A-07B8-4130-B319-1BE2800D8771",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E59ACB5-8745-46A8-889E-005DEA38925B",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "8FB94403-A063-4BDB-BE35-E198BF128709",
              "versionEndExcluding": "2020.3.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFFE146F-4AB2-45B2-9F87-52DD8DC26B85",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "06B6CA6F-48E9-4A48-B1A2-7537DCE9939E",
              "versionEndExcluding": "2021.2.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D01E3771-86FD-483D-BCCB-1B1CDD4C482F",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*",
              "matchCriteriaId": "EEC464C9-D741-41B4-B460-B4305BCD83FA",
              "versionEndExcluding": "2022.2.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "230F8974-9613-4B58-8621-67CCE81E208C",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9184783-2476-4ED0-9F05-CA2AC68446B3",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "752B8F1C-54E3-4985-97A4-86FBF13E6BFD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "120326C3-E212-4341-A25D-BC3DD50CF228",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0FCE36-8A0F-4CDB-86B3-D8F7875511FD",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BAA6D71-2B11-4490-A1C4-652347582EF6",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F78C528-605C-46F3-8CF0-828B682745B3",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B117299A-C5FE-419F-9C1C-DF58A2772055",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1075AC6C-C9E1-45EA-B371-B06235C6AA86",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBC04C9D-9E69-4CB7-BF7A-D3B8C0670114",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E140DC9-7000-48ED-A5C7-B23023DFB199",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC178212-E440-46E9-9F00-60A5516D4D72",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C71A1AD7-4651-4FA9-9114-023E07DCB285",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A2E5FC-9717-47C1-A223-F90DC572DAB0",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "984491F0-8303-4C6C-B884-00C032D797DD",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7ED0DB1D-6F37-4C1B-B55E-42F3A4E34299",
              "versionEndExcluding": "2022.1.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:-:*:*:*:*:*:*",
              "matchCriteriaId": "213232B9-A40B-436D-A66A-B65C49D59BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix:*:*:*:*:*:*",
              "matchCriteriaId": "2D0CF4DC-ACA5-41D0-B28E-CEB5D2C96F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix2:*:*:*:*:*:*",
              "matchCriteriaId": "84ED1789-A17F-48F7-A152-09D2A5C59254",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:design_review:2018:hotfix3:*:*:*:*:*:*",
              "matchCriteriaId": "74819924-EB63-4BBF-9986-FEF6100EEE15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FB6CD03-F783-49F7-A9D2-C97C642E8B29",
              "versionEndExcluding": "2019.1.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E9DF065-576B-46B8-9F64-A16D9CB25398",
              "versionEndExcluding": "2020.1.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "631D559D-B4CB-4D6A-93A7-94C0CA9C232B",
              "versionEndExcluding": "2021.1.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "713BBAEC-BE6D-40BC-9FB3-EBB906FB09BA",
              "versionEndExcluding": "2022.1.1",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:fusion:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E6ACCB8-A327-484D-A542-9BC30BA4554A",
              "versionEndExcluding": "2.0.11405",
              "versionStartIncluding": "2.0.10356",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F3054F1-0ED3-4C71-90E0-764EC5757F6B",
              "versionEndExcluding": "2019.2.2",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27BA9C22-0044-429D-AD68-C040DF0E1E34",
              "versionEndExcluding": "2020.0.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2021:*:*:*:*:*:*:*",
              "matchCriteriaId": "C59A098D-F778-49BB-8B02-61DFA956D456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "829ACB24-271D-440F-8723-FDAE2430373E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36D46284-4E2E-4C56-B830-3C786D5A238F",
              "versionEndExcluding": "2019.3",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "180513CE-CEC1-4FF7-B1CB-03835D6B8797",
              "versionEndExcluding": "2020.2",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE68AFE1-0F44-4B37-87E5-C7D658186425",
              "versionEndExcluding": "2021.2",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "6974FEA3-2CDE-438D-A153-372A20E0338A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "3D85361A-B19D-444A-A075-73DF234C081B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "8F7898E8-E540-4775-943C-26A4A7A7BA60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2019.3:hotfix_3:*:*:*:*:*:*",
              "matchCriteriaId": "5C6290F4-E5E6-4146-982E-9CB0FC693B5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "9A3FB713-593D-4CF4-97EE-10498DF3B008",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "1AF37BF8-1921-4D94-89D3-7890F2DA7048",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2020.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "7A1EAD58-4213-4340-9019-543A223C155D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "E8799159-8E69-4463-96D9-920E64A675B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "DDAE8B1C-5799-4FCB-AA1F-E01C72C545B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2021.2:hotfix_2:*:*:*:*:*:*",
              "matchCriteriaId": "BAB28476-5965-441D-AAEF-F76F7C599F3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "23B89172-71E0-482F-ABD9-E640EE18E1B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.0:hotfix_1:*:*:*:*:*:*",
              "matchCriteriaId": "C7E432F3-925E-4120-9568-F679302A26B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infraworks:2022.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA85576C-0D0E-4724-AC3F-0FCB9B4F7D2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE08EFFE-4D11-4CFD-A013-4ABEB5D8D36F",
              "versionEndExcluding": "2019.6",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "72B1AA4E-8E9C-40C3-9402-92B64BE19D83",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "400ADD0C-F69C-41DF-B682-5DE90B2BC142",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53B7E4C-4F2E-428D-A6CB-D4F2FB5865B0",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8C5795-C1E7-4E84-BAFD-A2F16DCD0B51",
              "versionEndExcluding": "2019.7",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC07E959-8A9E-448D-9E4F-EF7D41C4B1A7",
              "versionEndExcluding": "2020.5",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD6A1944-2576-406F-8010-9080C68654D5",
              "versionEndExcluding": "2021.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AAFCE8D-C6FA-4179-BBD8-134F91261FEC",
              "versionEndExcluding": "2022.2",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34EEF338-800E-4350-BC57-815A4AC19523",
              "versionEndExcluding": "2019.2.4",
              "versionStartIncluding": "2019",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "655285C9-9DBC-4DA3-8A53-7D87A2CFFBF7",
              "versionEndExcluding": "2020.2.6",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81E7B898-A0C4-4458-8389-3310A2A889AE",
              "versionEndExcluding": "2021.1.5",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "70FD96A0-AC16-4E51-B4C1-6BB14C2D905A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FDF255-2066-4115-83BC-D38DD09A8E6A",
              "versionEndExcluding": "2020.3.1",
              "versionStartIncluding": "2020",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2591CF9-EA06-4EEC-9A13-80CE6864C08A",
              "versionEndExcluding": "2021.3.1",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2019:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AC1FC52-ACBC-4119-B42E-0297375B4522",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:storm_and_sanitary_analysis:2022:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEAA2573-ABD3-4379-ADBE-A0508D2D38EF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de corrupci\u00f3n de memoria puede conllevar a una ejecuci\u00f3n de c\u00f3digo mediante archivos DLL dise\u00f1ados de forma maliciosa por medio del componente de procesamiento de im\u00e1genes de Autodesk"
    }
  ],
  "id": "CVE-2021-40163",
  "lastModified": "2024-11-21T06:23:42.163",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-10-07T18:15:14.460",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0011"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2025-5039 (GCVE-0-2025-5039)

Vulnerability from cvelistv5 – Published: 2025-07-24 17:11 – Updated: 2025-08-19 13:17

Summary

A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-426 - Untrusted Search Path

Assigner

autodesk

References

URL

Tags

	https://www.autodesk.com/products/autodesk-access…	patch
	https://www.autodesk.com/trust/security-advisorie…	vendor-advisory

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2026 , < 2026.1 (custom)
cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*

Autodesk	AutoCAD LT	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:autocad_lt:2026:::::::*
Autodesk	AutoCAD Architecture	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:autocad_architecture:2026:::::::*
Autodesk	AutoCAD Electrical	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:autocad_electrical:2026:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2026:::::::*
Autodesk	AutoCAD MEP	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:autocad_mep:2026:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2026:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2026:::::::*
Autodesk	Civil 3D	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:civil_3d:2026:::::::*
Autodesk	Advance Steel	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:advance_steel:2026:::::::*
Autodesk	RealDWG	Affected: 2026 , < 2026.0.2 (custom) cpe:2.3:a:autodesk:realdwg:2026:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5039",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-24T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-25T03:55:30.703Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.0.2",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-38",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-38 Leveraging/Manipulating Configuration File Search Paths"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426 Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-19T13:17:42.116Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Privilege Ecalation due to Untrusted Search Path Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-5039",
    "datePublished": "2025-07-24T17:11:14.714Z",
    "dateReserved": "2025-05-21T13:00:59.147Z",
    "dateUpdated": "2025-08-19T13:17:42.116Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-1276 (GCVE-0-2025-1276)

Vulnerability from cvelistv5 – Published: 2025-04-15 20:55 – Updated: 2025-10-07 20:54

Summary

A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-Bounds Write

Assigner

autodesk

References

URL

Tags

	https://www.autodesk.com/products/autodesk-access…	patch
	https://www.autodesk.com/products/dwg-trueview/overview	patch
	https://www.autodesk.com/trust/security-advisorie…	vendor-advisory

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2025 , < 2025.1.2 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*

Autodesk	AutoCAD Architecture	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:::::::* cpe:2.3:a:autodesk:autocad_architecture:2024:::::::* cpe:2.3:a:autodesk:autocad_architecture:2023:::::::*
Autodesk	AutoCAD Electrical	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:::::::* cpe:2.3:a:autodesk:autocad_electrical:2024:::::::* cpe:2.3:a:autodesk:autocad_electrical:2023:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2023:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2024:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2023:::::::*
Autodesk	AutoCAD MEP	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:::::::* cpe:2.3:a:autodesk:autocad_mep:2024:::::::* cpe:2.3:a:autodesk:autocad_mep:2023:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2023:::::::*
Autodesk	Advance Steel	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:advance_steel:2025:::::::* cpe:2.3:a:autodesk:advance_steel:2024:::::::* cpe:2.3:a:autodesk:advance_steel:2023:::::::*
Autodesk	AutoCAD LT	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad_lt:2025:::::::* cpe:2.3:a:autodesk:autocad_lt:2024:::::::* cpe:2.3:a:autodesk:autocad_lt:2023:::::::*
Autodesk	RealDWG	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) cpe:2.3:a:autodesk:realdwg:2025:::::::* cpe:2.3:a:autodesk:realdwg:2024:::::::*
Autodesk	DWG TrueView	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:dwg_trueview:2025:::::::* cpe:2.3:a:autodesk:dwg_trueview:2024:::::::* cpe:2.3:a:autodesk:dwg_trueview:2023:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1276",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-17T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-18T03:55:45.569Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-Bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-07T20:54:16.150Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/dwg-trueview/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "DWG File Parsing Out-of-Bounds Write Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-1276",
    "datePublished": "2025-04-15T20:55:04.255Z",
    "dateReserved": "2025-02-13T15:16:31.469Z",
    "dateUpdated": "2025-10-07T20:54:16.150Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7992 (GCVE-0-2024-7992)

Vulnerability from cvelistv5 – Published: 2024-10-29 21:50 – Updated: 2025-08-26 18:24

Summary

A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-121 - Stack Overflow

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2025 , < 2025.1.1 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
Affected: 2022 , < 2022.1.6 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*

Autodesk	AutoCAD LT	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_lt:2025:::::::* cpe:2.3:a:autodesk:autocad_lt:2024:::::::* cpe:2.3:a:autodesk:autocad_lt:2023:::::::* cpe:2.3:a:autodesk:autocad_lt:2022:::::::*
Autodesk	AutoCAD Architecture	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:::::::* cpe:2.3:a:autodesk:autocad_architecture:2024:::::::* cpe:2.3:a:autodesk:autocad_architecture:2023:::::::* cpe:2.3:a:autodesk:autocad_architecture:2022:::::::*
Autodesk	AutoCAD Electrical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:::::::* cpe:2.3:a:autodesk:autocad_electrical:2024:::::::* cpe:2.3:a:autodesk:autocad_electrical:2023:::::::* cpe:2.3:a:autodesk:autocad_electrical:2022:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2022:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2024:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2023:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2022:::::::*
Autodesk	AutoCAD MEP	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:::::::* cpe:2.3:a:autodesk:autocad_mep:2024:::::::* cpe:2.3:a:autodesk:autocad_mep:2023:::::::* cpe:2.3:a:autodesk:autocad_mep:2022:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2022:::::::*
Autodesk	Civil 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:civil_3d:2025:::::::* cpe:2.3:a:autodesk:civil_3d:2024:::::::* cpe:2.3:a:autodesk:civil_3d:2023:::::::* cpe:2.3:a:autodesk:civil_3d:2022:::::::*
Autodesk	Advance Steel	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:advance_steel:2025:::::::* cpe:2.3:a:autodesk:advance_steel:2024:::::::* cpe:2.3:a:autodesk:advance_steel:2023:::::::* cpe:2.3:a:autodesk:advance_steel:2022:::::::*
Autodesk	DWG TrueView	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:dwg_trueview:2025:::::::* cpe:2.3:a:autodesk:dwg_trueview:2024:::::::* cpe:2.3:a:autodesk:dwg_trueview:2023:::::::*
Autodesk	RealDWG	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) cpe:2.3:a:autodesk:realdwg:2025:::::::* cpe:2.3:a:autodesk:realdwg:2024:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7992",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-30T13:51:27.431632Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-30T15:00:32.444Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted DWG file, when parsed\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethrough Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T18:24:31.298Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Autodesk AutoCAD DWG Stack-Based Buffer Overflow Code Execution Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2024-7992",
    "datePublished": "2024-10-29T21:50:13.232Z",
    "dateReserved": "2024-08-19T21:37:08.684Z",
    "dateUpdated": "2025-08-26T18:24:31.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7991 (GCVE-0-2024-7991)

Vulnerability from cvelistv5 – Published: 2024-10-29 21:49 – Updated: 2025-08-26 18:23

Summary

A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-Bounds Write

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2025 , < 2025.1.1 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
Affected: 2022 , < 2022.1.6 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*

Autodesk	AutoCAD LT	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_lt:2025:::::::* cpe:2.3:a:autodesk:autocad_lt:2024:::::::* cpe:2.3:a:autodesk:autocad_lt:2023:::::::* cpe:2.3:a:autodesk:autocad_lt:2022:::::::*
Autodesk	AutoCAD Architecture	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:::::::* cpe:2.3:a:autodesk:autocad_architecture:2024:::::::* cpe:2.3:a:autodesk:autocad_architecture:2023:::::::* cpe:2.3:a:autodesk:autocad_architecture:2022:::::::*
Autodesk	AutoCAD Electrical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:::::::* cpe:2.3:a:autodesk:autocad_electrical:2024:::::::* cpe:2.3:a:autodesk:autocad_electrical:2023:::::::* cpe:2.3:a:autodesk:autocad_electrical:2022:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2022:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2024:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2023:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2022:::::::*
Autodesk	AutoCAD MEP	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:::::::* cpe:2.3:a:autodesk:autocad_mep:2024:::::::* cpe:2.3:a:autodesk:autocad_mep:2023:::::::* cpe:2.3:a:autodesk:autocad_mep:2022:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2022:::::::*
Autodesk	Civil 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:civil_3d:2025:::::::* cpe:2.3:a:autodesk:civil_3d:2024:::::::* cpe:2.3:a:autodesk:civil_3d:2023:::::::* cpe:2.3:a:autodesk:civil_3d:2022:::::::*
Autodesk	Advance Steel	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:advance_steel:2025:::::::* cpe:2.3:a:autodesk:advance_steel:2024:::::::* cpe:2.3:a:autodesk:advance_steel:2023:::::::* cpe:2.3:a:autodesk:advance_steel:2022:::::::*
Autodesk	DWG TrueView	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:dwg_trueview:2025:::::::* cpe:2.3:a:autodesk:dwg_trueview:2024:::::::* cpe:2.3:a:autodesk:dwg_trueview:2023:::::::*
Autodesk	RealDWG	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) cpe:2.3:a:autodesk:realdwg:2025:::::::* cpe:2.3:a:autodesk:realdwg:2024:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7991",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-30T13:51:28.629296Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-30T15:00:49.205Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
            }
          ],
          "value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-Bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T18:23:54.066Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Autodesk AutoCAD DWG Out-of-Bounds Write Code Execution Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2024-7991",
    "datePublished": "2024-10-29T21:49:02.128Z",
    "dateReserved": "2024-08-19T21:37:04.701Z",
    "dateUpdated": "2025-08-26T18:23:54.066Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9997 (GCVE-0-2024-9997)

Vulnerability from cvelistv5 – Published: 2024-10-29 21:45 – Updated: 2025-08-26 18:41

Summary

A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2025 , < 2025.1.1 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
Affected: 2022 , < 2022.1.6 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*

Autodesk	AutoCAD LT	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_lt:2025:::::::* cpe:2.3:a:autodesk:autocad_lt:2024:::::::* cpe:2.3:a:autodesk:autocad_lt:2023:::::::* cpe:2.3:a:autodesk:autocad_lt:2022:::::::*
Autodesk	AutoCAD Architecture	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:::::::* cpe:2.3:a:autodesk:autocad_architecture:2024:::::::* cpe:2.3:a:autodesk:autocad_architecture:2023:::::::* cpe:2.3:a:autodesk:autocad_architecture:2022:::::::*
Autodesk	AutoCAD Electrical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:::::::* cpe:2.3:a:autodesk:autocad_electrical:2024:::::::* cpe:2.3:a:autodesk:autocad_electrical:2023:::::::* cpe:2.3:a:autodesk:autocad_electrical:2022:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2022:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2024:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2023:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2022:::::::*
Autodesk	AutoCAD MEP	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:::::::* cpe:2.3:a:autodesk:autocad_mep:2024:::::::* cpe:2.3:a:autodesk:autocad_mep:2023:::::::* cpe:2.3:a:autodesk:autocad_mep:2022:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2022:::::::*
Autodesk	Civil 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:civil_3d:2025:::::::* cpe:2.3:a:autodesk:civil_3d:2024:::::::* cpe:2.3:a:autodesk:civil_3d:2023:::::::* cpe:2.3:a:autodesk:civil_3d:2022:::::::*
Autodesk	Advance Steel	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:advance_steel:2025:::::::* cpe:2.3:a:autodesk:advance_steel:2024:::::::* cpe:2.3:a:autodesk:advance_steel:2023:::::::* cpe:2.3:a:autodesk:advance_steel:2022:::::::*
Autodesk	DWG TrueView	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:dwg_trueview:2025:::::::* cpe:2.3:a:autodesk:dwg_trueview:2024:::::::* cpe:2.3:a:autodesk:dwg_trueview:2023:::::::*
Autodesk	RealDWG	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) cpe:2.3:a:autodesk:realdwg:2025:::::::* cpe:2.3:a:autodesk:realdwg:2024:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9997",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-30T13:51:29.745174Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-30T15:00:57.856Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T18:41:04.035Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Autodesk AutoCAD DWG File Parsing Memory Corruption Code Execution Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2024-9997",
    "datePublished": "2024-10-29T21:45:59.005Z",
    "dateReserved": "2024-10-15T13:39:39.800Z",
    "dateUpdated": "2025-08-26T18:41:04.035Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9996 (GCVE-0-2024-9996)

Vulnerability from cvelistv5 – Published: 2024-10-29 21:45 – Updated: 2025-08-26 18:40

Summary

A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-Bounds Write

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2025 , < 2025.1.1 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
Affected: 2022 , < 2022.1.6 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*

Autodesk	AutoCAD LT	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_lt:2025:::::::* cpe:2.3:a:autodesk:autocad_lt:2024:::::::* cpe:2.3:a:autodesk:autocad_lt:2023:::::::* cpe:2.3:a:autodesk:autocad_lt:2022:::::::*
Autodesk	AutoCAD Architecture	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:::::::* cpe:2.3:a:autodesk:autocad_architecture:2024:::::::* cpe:2.3:a:autodesk:autocad_architecture:2023:::::::* cpe:2.3:a:autodesk:autocad_architecture:2022:::::::*
Autodesk	AutoCAD Electrical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:::::::* cpe:2.3:a:autodesk:autocad_electrical:2024:::::::* cpe:2.3:a:autodesk:autocad_electrical:2023:::::::* cpe:2.3:a:autodesk:autocad_electrical:2022:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2022:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2024:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2023:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2022:::::::*
Autodesk	AutoCAD MEP	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:::::::* cpe:2.3:a:autodesk:autocad_mep:2024:::::::* cpe:2.3:a:autodesk:autocad_mep:2023:::::::* cpe:2.3:a:autodesk:autocad_mep:2022:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2022:::::::*
Autodesk	Civil 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:civil_3d:2025:::::::* cpe:2.3:a:autodesk:civil_3d:2024:::::::* cpe:2.3:a:autodesk:civil_3d:2023:::::::* cpe:2.3:a:autodesk:civil_3d:2022:::::::*
Autodesk	Advance Steel	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:advance_steel:2025:::::::* cpe:2.3:a:autodesk:advance_steel:2024:::::::* cpe:2.3:a:autodesk:advance_steel:2023:::::::* cpe:2.3:a:autodesk:advance_steel:2022:::::::*
Autodesk	DWG TrueView	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:dwg_trueview:2025:::::::* cpe:2.3:a:autodesk:dwg_trueview:2024:::::::* cpe:2.3:a:autodesk:dwg_trueview:2023:::::::*
Autodesk	RealDWG	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) cpe:2.3:a:autodesk:realdwg:2025:::::::* cpe:2.3:a:autodesk:realdwg:2024:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9996",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-30T13:51:30.961199Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-30T15:01:08.447Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
            }
          ],
          "value": "A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-Bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T18:40:39.783Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Autodesk AutoCAD DWG File Parsing Out-Of-Bounds Write Code Execution Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2024-9996",
    "datePublished": "2024-10-29T21:45:17.527Z",
    "dateReserved": "2024-10-15T13:39:36.931Z",
    "dateUpdated": "2025-08-26T18:40:39.783Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9489 (GCVE-0-2024-9489)

Vulnerability from cvelistv5 – Published: 2024-10-29 21:44 – Updated: 2025-08-26 18:38

Summary

A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2025 , < 2025.1.1 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
Affected: 2022 , < 2022.1.6 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*

Autodesk	AutoCAD LT	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_lt:2025:::::::* cpe:2.3:a:autodesk:autocad_lt:2024:::::::* cpe:2.3:a:autodesk:autocad_lt:2023:::::::* cpe:2.3:a:autodesk:autocad_lt:2022:::::::*
Autodesk	AutoCAD Architecture	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:::::::* cpe:2.3:a:autodesk:autocad_architecture:2024:::::::* cpe:2.3:a:autodesk:autocad_architecture:2023:::::::* cpe:2.3:a:autodesk:autocad_architecture:2022:::::::*
Autodesk	AutoCAD Electrical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:::::::* cpe:2.3:a:autodesk:autocad_electrical:2024:::::::* cpe:2.3:a:autodesk:autocad_electrical:2023:::::::* cpe:2.3:a:autodesk:autocad_electrical:2022:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2022:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2024:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2023:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2022:::::::*
Autodesk	AutoCAD MEP	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:::::::* cpe:2.3:a:autodesk:autocad_mep:2024:::::::* cpe:2.3:a:autodesk:autocad_mep:2023:::::::* cpe:2.3:a:autodesk:autocad_mep:2022:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2022:::::::*
Autodesk	Civil 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:civil_3d:2025:::::::* cpe:2.3:a:autodesk:civil_3d:2024:::::::* cpe:2.3:a:autodesk:civil_3d:2023:::::::* cpe:2.3:a:autodesk:civil_3d:2022:::::::*
Autodesk	Advance Steel	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:advance_steel:2025:::::::* cpe:2.3:a:autodesk:advance_steel:2024:::::::* cpe:2.3:a:autodesk:advance_steel:2023:::::::* cpe:2.3:a:autodesk:advance_steel:2022:::::::*
Autodesk	DWG TrueView	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:dwg_trueview:2025:::::::* cpe:2.3:a:autodesk:dwg_trueview:2024:::::::* cpe:2.3:a:autodesk:dwg_trueview:2023:::::::*
Autodesk	RealDWG	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) cpe:2.3:a:autodesk:realdwg:2025:::::::* cpe:2.3:a:autodesk:realdwg:2024:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9489",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-30T13:51:32.196438Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-30T15:01:17.148Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
            }
          ],
          "value": "A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T18:38:42.629Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Autodesk AutoCAD DWG File Parsing Memory Corruption Code Execution Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2024-9489",
    "datePublished": "2024-10-29T21:44:39.027Z",
    "dateReserved": "2024-10-03T18:19:18.769Z",
    "dateUpdated": "2025-08-26T18:38:42.629Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-8896 (GCVE-0-2024-8896)

Vulnerability from cvelistv5 – Published: 2024-10-29 21:43 – Updated: 2025-08-26 18:38

Summary

A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-908 - Use of Uninitialized Resource

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2025 , < 2025.1.1 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
Affected: 2022 , < 2022.1.6 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*

Autodesk	AutoCAD LT	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_lt:2025:::::::* cpe:2.3:a:autodesk:autocad_lt:2024:::::::* cpe:2.3:a:autodesk:autocad_lt:2023:::::::* cpe:2.3:a:autodesk:autocad_lt:2022:::::::*
Autodesk	AutoCAD Architecture	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:::::::* cpe:2.3:a:autodesk:autocad_architecture:2024:::::::* cpe:2.3:a:autodesk:autocad_architecture:2023:::::::* cpe:2.3:a:autodesk:autocad_architecture:2022:::::::*
Autodesk	AutoCAD Electrical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:::::::* cpe:2.3:a:autodesk:autocad_electrical:2024:::::::* cpe:2.3:a:autodesk:autocad_electrical:2023:::::::* cpe:2.3:a:autodesk:autocad_electrical:2022:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2022:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2024:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2023:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2022:::::::*
Autodesk	AutoCAD MEP	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:::::::* cpe:2.3:a:autodesk:autocad_mep:2024:::::::* cpe:2.3:a:autodesk:autocad_mep:2023:::::::* cpe:2.3:a:autodesk:autocad_mep:2022:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2022:::::::*
Autodesk	Civil 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:civil_3d:2025:::::::* cpe:2.3:a:autodesk:civil_3d:2024:::::::* cpe:2.3:a:autodesk:civil_3d:2023:::::::* cpe:2.3:a:autodesk:civil_3d:2022:::::::*
Autodesk	Advance Steel	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:advance_steel:2025:::::::* cpe:2.3:a:autodesk:advance_steel:2024:::::::* cpe:2.3:a:autodesk:advance_steel:2023:::::::* cpe:2.3:a:autodesk:advance_steel:2022:::::::*
Autodesk	DWG TrueView	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:dwg_trueview:2025:::::::* cpe:2.3:a:autodesk:dwg_trueview:2024:::::::* cpe:2.3:a:autodesk:dwg_trueview:2023:::::::*
Autodesk	RealDWG	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) cpe:2.3:a:autodesk:realdwg:2025:::::::* cpe:2.3:a:autodesk:realdwg:2024:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8896",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-30T13:51:33.412413Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-30T15:01:25.860Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DXF file when parsed in acdb25.dll\u0026nbsp;through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
            }
          ],
          "value": "A maliciously crafted DXF file when parsed in acdb25.dll\u00a0through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-908",
              "description": "CWE-908 Use of Uninitialized Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T18:38:07.811Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Autodesk AutoCAD DXF File Parsing Unitialized Variable Code Execution Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2024-8896",
    "datePublished": "2024-10-29T21:43:11.437Z",
    "dateReserved": "2024-09-16T14:34:49.668Z",
    "dateUpdated": "2025-08-26T18:38:07.811Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-25004 (GCVE-0-2023-25004)

Vulnerability from cvelistv5 – Published: 2023-06-27 00:00 – Updated: 2024-12-05 14:40

Summary

A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.

Severity ?

No CVSS data available.

CWE

Integer Overflow

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

	Vendor	Product	Version
	n/a	Autodesk products	Affected: 2023, 2022, 2021, 2020

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:11:43.391Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-25004",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-05T14:39:57.188378Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-05T14:40:18.983Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Autodesk products",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2023, 2022, 2021, 2020"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Integer Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-27T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2023-25004",
    "datePublished": "2023-06-27T00:00:00",
    "dateReserved": "2023-02-01T00:00:00",
    "dateUpdated": "2024-12-05T14:40:18.983Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-29068 (GCVE-0-2023-29068)

Vulnerability from cvelistv5 – Published: 2023-06-27 00:00 – Updated: 2024-12-05 14:41

Summary

A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

Severity ?

No CVSS data available.

CWE

memory corruption vulnerability

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

	Vendor	Product	Version
	n/a	Autodesk products	Affected: 2023, 2022, 2021, 2020

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:00:14.952Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-29068",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-05T14:41:27.413833Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-05T14:41:43.199Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Autodesk products",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2023, 2022, 2021, 2020"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "memory corruption vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-27T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2023-29068",
    "datePublished": "2023-06-27T00:00:00",
    "dateReserved": "2023-03-30T00:00:00",
    "dateUpdated": "2024-12-05T14:41:43.199Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-25003 (GCVE-0-2023-25003)

Vulnerability from cvelistv5 – Published: 2023-06-23 00:00 – Updated: 2024-12-05 17:10

Summary

A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.

Severity ?

No CVSS data available.

CWE

out-of-bound read write / read

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

	Vendor	Product	Version
	n/a	AutoCAD, Maya	Affected: 2023, 2022

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:11:43.401Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-25003",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-05T17:09:59.558363Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-05T17:10:10.146Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": " AutoCAD, Maya ",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2023, 2022"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "out-of-bound read write / read",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-23T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2023-25003",
    "datePublished": "2023-06-23T00:00:00",
    "dateReserved": "2023-02-01T00:00:00",
    "dateUpdated": "2024-12-05T17:10:10.146Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5039 (GCVE-0-2025-5039)

Vulnerability from nvd – Published: 2025-07-24 17:11 – Updated: 2025-08-19 13:17

Summary

A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-426 - Untrusted Search Path

Assigner

autodesk

References

URL

Tags

	https://www.autodesk.com/products/autodesk-access…	patch
	https://www.autodesk.com/trust/security-advisorie…	vendor-advisory

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2026 , < 2026.1 (custom)
cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*

Autodesk	AutoCAD LT	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:autocad_lt:2026:::::::*
Autodesk	AutoCAD Architecture	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:autocad_architecture:2026:::::::*
Autodesk	AutoCAD Electrical	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:autocad_electrical:2026:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2026:::::::*
Autodesk	AutoCAD MEP	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:autocad_mep:2026:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2026:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2026:::::::*
Autodesk	Civil 3D	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:civil_3d:2026:::::::*
Autodesk	Advance Steel	Affected: 2026 , < 2026.1 (custom) cpe:2.3:a:autodesk:advance_steel:2026:::::::*
Autodesk	RealDWG	Affected: 2026 , < 2026.0.2 (custom) cpe:2.3:a:autodesk:realdwg:2026:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5039",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-24T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-25T03:55:30.703Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.0.2",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-38",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-38 Leveraging/Manipulating Configuration File Search Paths"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426 Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-19T13:17:42.116Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Privilege Ecalation due to Untrusted Search Path Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-5039",
    "datePublished": "2025-07-24T17:11:14.714Z",
    "dateReserved": "2025-05-21T13:00:59.147Z",
    "dateUpdated": "2025-08-19T13:17:42.116Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-1276 (GCVE-0-2025-1276)

Vulnerability from nvd – Published: 2025-04-15 20:55 – Updated: 2025-10-07 20:54

Summary

A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-Bounds Write

Assigner

autodesk

References

URL

Tags

	https://www.autodesk.com/products/autodesk-access…	patch
	https://www.autodesk.com/products/dwg-trueview/overview	patch
	https://www.autodesk.com/trust/security-advisorie…	vendor-advisory

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2025 , < 2025.1.2 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*

Autodesk	AutoCAD Architecture	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:::::::* cpe:2.3:a:autodesk:autocad_architecture:2024:::::::* cpe:2.3:a:autodesk:autocad_architecture:2023:::::::*
Autodesk	AutoCAD Electrical	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:::::::* cpe:2.3:a:autodesk:autocad_electrical:2024:::::::* cpe:2.3:a:autodesk:autocad_electrical:2023:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2023:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2024:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2023:::::::*
Autodesk	AutoCAD MEP	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:::::::* cpe:2.3:a:autodesk:autocad_mep:2024:::::::* cpe:2.3:a:autodesk:autocad_mep:2023:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2023:::::::*
Autodesk	Advance Steel	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:advance_steel:2025:::::::* cpe:2.3:a:autodesk:advance_steel:2024:::::::* cpe:2.3:a:autodesk:advance_steel:2023:::::::*
Autodesk	AutoCAD LT	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:autocad_lt:2025:::::::* cpe:2.3:a:autodesk:autocad_lt:2024:::::::* cpe:2.3:a:autodesk:autocad_lt:2023:::::::*
Autodesk	RealDWG	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) cpe:2.3:a:autodesk:realdwg:2025:::::::* cpe:2.3:a:autodesk:realdwg:2024:::::::*
Autodesk	DWG TrueView	Affected: 2025 , < 2025.1.2 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:dwg_trueview:2025:::::::* cpe:2.3:a:autodesk:dwg_trueview:2024:::::::* cpe:2.3:a:autodesk:dwg_trueview:2023:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1276",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-17T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-18T03:55:45.569Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-Bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-07T20:54:16.150Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/dwg-trueview/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "DWG File Parsing Out-of-Bounds Write Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-1276",
    "datePublished": "2025-04-15T20:55:04.255Z",
    "dateReserved": "2025-02-13T15:16:31.469Z",
    "dateUpdated": "2025-10-07T20:54:16.150Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7992 (GCVE-0-2024-7992)

Vulnerability from nvd – Published: 2024-10-29 21:50 – Updated: 2025-08-26 18:24

Summary

A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-121 - Stack Overflow

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2025 , < 2025.1.1 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
Affected: 2022 , < 2022.1.6 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*

Autodesk	AutoCAD LT	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_lt:2025:::::::* cpe:2.3:a:autodesk:autocad_lt:2024:::::::* cpe:2.3:a:autodesk:autocad_lt:2023:::::::* cpe:2.3:a:autodesk:autocad_lt:2022:::::::*
Autodesk	AutoCAD Architecture	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:::::::* cpe:2.3:a:autodesk:autocad_architecture:2024:::::::* cpe:2.3:a:autodesk:autocad_architecture:2023:::::::* cpe:2.3:a:autodesk:autocad_architecture:2022:::::::*
Autodesk	AutoCAD Electrical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:::::::* cpe:2.3:a:autodesk:autocad_electrical:2024:::::::* cpe:2.3:a:autodesk:autocad_electrical:2023:::::::* cpe:2.3:a:autodesk:autocad_electrical:2022:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2022:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2024:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2023:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2022:::::::*
Autodesk	AutoCAD MEP	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:::::::* cpe:2.3:a:autodesk:autocad_mep:2024:::::::* cpe:2.3:a:autodesk:autocad_mep:2023:::::::* cpe:2.3:a:autodesk:autocad_mep:2022:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2022:::::::*
Autodesk	Civil 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:civil_3d:2025:::::::* cpe:2.3:a:autodesk:civil_3d:2024:::::::* cpe:2.3:a:autodesk:civil_3d:2023:::::::* cpe:2.3:a:autodesk:civil_3d:2022:::::::*
Autodesk	Advance Steel	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:advance_steel:2025:::::::* cpe:2.3:a:autodesk:advance_steel:2024:::::::* cpe:2.3:a:autodesk:advance_steel:2023:::::::* cpe:2.3:a:autodesk:advance_steel:2022:::::::*
Autodesk	DWG TrueView	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:dwg_trueview:2025:::::::* cpe:2.3:a:autodesk:dwg_trueview:2024:::::::* cpe:2.3:a:autodesk:dwg_trueview:2023:::::::*
Autodesk	RealDWG	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) cpe:2.3:a:autodesk:realdwg:2025:::::::* cpe:2.3:a:autodesk:realdwg:2024:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7992",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-30T13:51:27.431632Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-30T15:00:32.444Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted DWG file, when parsed\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethrough Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "CWE-121 Stack Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T18:24:31.298Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Autodesk AutoCAD DWG Stack-Based Buffer Overflow Code Execution Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2024-7992",
    "datePublished": "2024-10-29T21:50:13.232Z",
    "dateReserved": "2024-08-19T21:37:08.684Z",
    "dateUpdated": "2025-08-26T18:24:31.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7991 (GCVE-0-2024-7991)

Vulnerability from nvd – Published: 2024-10-29 21:49 – Updated: 2025-08-26 18:23

Summary

A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-Bounds Write

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2025 , < 2025.1.1 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
Affected: 2022 , < 2022.1.6 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*

Autodesk	AutoCAD LT	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_lt:2025:::::::* cpe:2.3:a:autodesk:autocad_lt:2024:::::::* cpe:2.3:a:autodesk:autocad_lt:2023:::::::* cpe:2.3:a:autodesk:autocad_lt:2022:::::::*
Autodesk	AutoCAD Architecture	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:::::::* cpe:2.3:a:autodesk:autocad_architecture:2024:::::::* cpe:2.3:a:autodesk:autocad_architecture:2023:::::::* cpe:2.3:a:autodesk:autocad_architecture:2022:::::::*
Autodesk	AutoCAD Electrical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:::::::* cpe:2.3:a:autodesk:autocad_electrical:2024:::::::* cpe:2.3:a:autodesk:autocad_electrical:2023:::::::* cpe:2.3:a:autodesk:autocad_electrical:2022:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2022:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2024:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2023:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2022:::::::*
Autodesk	AutoCAD MEP	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:::::::* cpe:2.3:a:autodesk:autocad_mep:2024:::::::* cpe:2.3:a:autodesk:autocad_mep:2023:::::::* cpe:2.3:a:autodesk:autocad_mep:2022:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2022:::::::*
Autodesk	Civil 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:civil_3d:2025:::::::* cpe:2.3:a:autodesk:civil_3d:2024:::::::* cpe:2.3:a:autodesk:civil_3d:2023:::::::* cpe:2.3:a:autodesk:civil_3d:2022:::::::*
Autodesk	Advance Steel	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:advance_steel:2025:::::::* cpe:2.3:a:autodesk:advance_steel:2024:::::::* cpe:2.3:a:autodesk:advance_steel:2023:::::::* cpe:2.3:a:autodesk:advance_steel:2022:::::::*
Autodesk	DWG TrueView	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:dwg_trueview:2025:::::::* cpe:2.3:a:autodesk:dwg_trueview:2024:::::::* cpe:2.3:a:autodesk:dwg_trueview:2023:::::::*
Autodesk	RealDWG	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) cpe:2.3:a:autodesk:realdwg:2025:::::::* cpe:2.3:a:autodesk:realdwg:2024:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7991",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-30T13:51:28.629296Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-30T15:00:49.205Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
            }
          ],
          "value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-Bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T18:23:54.066Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Autodesk AutoCAD DWG Out-of-Bounds Write Code Execution Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2024-7991",
    "datePublished": "2024-10-29T21:49:02.128Z",
    "dateReserved": "2024-08-19T21:37:04.701Z",
    "dateUpdated": "2025-08-26T18:23:54.066Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9997 (GCVE-0-2024-9997)

Vulnerability from nvd – Published: 2024-10-29 21:45 – Updated: 2025-08-26 18:41

Summary

A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2025 , < 2025.1.1 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
Affected: 2022 , < 2022.1.6 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*

Autodesk	AutoCAD LT	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_lt:2025:::::::* cpe:2.3:a:autodesk:autocad_lt:2024:::::::* cpe:2.3:a:autodesk:autocad_lt:2023:::::::* cpe:2.3:a:autodesk:autocad_lt:2022:::::::*
Autodesk	AutoCAD Architecture	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:::::::* cpe:2.3:a:autodesk:autocad_architecture:2024:::::::* cpe:2.3:a:autodesk:autocad_architecture:2023:::::::* cpe:2.3:a:autodesk:autocad_architecture:2022:::::::*
Autodesk	AutoCAD Electrical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:::::::* cpe:2.3:a:autodesk:autocad_electrical:2024:::::::* cpe:2.3:a:autodesk:autocad_electrical:2023:::::::* cpe:2.3:a:autodesk:autocad_electrical:2022:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2022:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2024:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2023:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2022:::::::*
Autodesk	AutoCAD MEP	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:::::::* cpe:2.3:a:autodesk:autocad_mep:2024:::::::* cpe:2.3:a:autodesk:autocad_mep:2023:::::::* cpe:2.3:a:autodesk:autocad_mep:2022:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2022:::::::*
Autodesk	Civil 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:civil_3d:2025:::::::* cpe:2.3:a:autodesk:civil_3d:2024:::::::* cpe:2.3:a:autodesk:civil_3d:2023:::::::* cpe:2.3:a:autodesk:civil_3d:2022:::::::*
Autodesk	Advance Steel	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:advance_steel:2025:::::::* cpe:2.3:a:autodesk:advance_steel:2024:::::::* cpe:2.3:a:autodesk:advance_steel:2023:::::::* cpe:2.3:a:autodesk:advance_steel:2022:::::::*
Autodesk	DWG TrueView	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:dwg_trueview:2025:::::::* cpe:2.3:a:autodesk:dwg_trueview:2024:::::::* cpe:2.3:a:autodesk:dwg_trueview:2023:::::::*
Autodesk	RealDWG	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) cpe:2.3:a:autodesk:realdwg:2025:::::::* cpe:2.3:a:autodesk:realdwg:2024:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9997",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-30T13:51:29.745174Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-30T15:00:57.856Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T18:41:04.035Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Autodesk AutoCAD DWG File Parsing Memory Corruption Code Execution Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2024-9997",
    "datePublished": "2024-10-29T21:45:59.005Z",
    "dateReserved": "2024-10-15T13:39:39.800Z",
    "dateUpdated": "2025-08-26T18:41:04.035Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9996 (GCVE-0-2024-9996)

Vulnerability from nvd – Published: 2024-10-29 21:45 – Updated: 2025-08-26 18:40

Summary

A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-Bounds Write

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2025 , < 2025.1.1 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
Affected: 2022 , < 2022.1.6 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*

Autodesk	AutoCAD LT	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_lt:2025:::::::* cpe:2.3:a:autodesk:autocad_lt:2024:::::::* cpe:2.3:a:autodesk:autocad_lt:2023:::::::* cpe:2.3:a:autodesk:autocad_lt:2022:::::::*
Autodesk	AutoCAD Architecture	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:::::::* cpe:2.3:a:autodesk:autocad_architecture:2024:::::::* cpe:2.3:a:autodesk:autocad_architecture:2023:::::::* cpe:2.3:a:autodesk:autocad_architecture:2022:::::::*
Autodesk	AutoCAD Electrical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:::::::* cpe:2.3:a:autodesk:autocad_electrical:2024:::::::* cpe:2.3:a:autodesk:autocad_electrical:2023:::::::* cpe:2.3:a:autodesk:autocad_electrical:2022:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2022:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2024:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2023:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2022:::::::*
Autodesk	AutoCAD MEP	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:::::::* cpe:2.3:a:autodesk:autocad_mep:2024:::::::* cpe:2.3:a:autodesk:autocad_mep:2023:::::::* cpe:2.3:a:autodesk:autocad_mep:2022:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2022:::::::*
Autodesk	Civil 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:civil_3d:2025:::::::* cpe:2.3:a:autodesk:civil_3d:2024:::::::* cpe:2.3:a:autodesk:civil_3d:2023:::::::* cpe:2.3:a:autodesk:civil_3d:2022:::::::*
Autodesk	Advance Steel	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:advance_steel:2025:::::::* cpe:2.3:a:autodesk:advance_steel:2024:::::::* cpe:2.3:a:autodesk:advance_steel:2023:::::::* cpe:2.3:a:autodesk:advance_steel:2022:::::::*
Autodesk	DWG TrueView	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:dwg_trueview:2025:::::::* cpe:2.3:a:autodesk:dwg_trueview:2024:::::::* cpe:2.3:a:autodesk:dwg_trueview:2023:::::::*
Autodesk	RealDWG	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) cpe:2.3:a:autodesk:realdwg:2025:::::::* cpe:2.3:a:autodesk:realdwg:2024:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9996",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-30T13:51:30.961199Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-30T15:01:08.447Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
            }
          ],
          "value": "A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-Bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T18:40:39.783Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Autodesk AutoCAD DWG File Parsing Out-Of-Bounds Write Code Execution Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2024-9996",
    "datePublished": "2024-10-29T21:45:17.527Z",
    "dateReserved": "2024-10-15T13:39:36.931Z",
    "dateUpdated": "2025-08-26T18:40:39.783Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9489 (GCVE-0-2024-9489)

Vulnerability from nvd – Published: 2024-10-29 21:44 – Updated: 2025-08-26 18:38

Summary

A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2025 , < 2025.1.1 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
Affected: 2022 , < 2022.1.6 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*

Autodesk	AutoCAD LT	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_lt:2025:::::::* cpe:2.3:a:autodesk:autocad_lt:2024:::::::* cpe:2.3:a:autodesk:autocad_lt:2023:::::::* cpe:2.3:a:autodesk:autocad_lt:2022:::::::*
Autodesk	AutoCAD Architecture	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:::::::* cpe:2.3:a:autodesk:autocad_architecture:2024:::::::* cpe:2.3:a:autodesk:autocad_architecture:2023:::::::* cpe:2.3:a:autodesk:autocad_architecture:2022:::::::*
Autodesk	AutoCAD Electrical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:::::::* cpe:2.3:a:autodesk:autocad_electrical:2024:::::::* cpe:2.3:a:autodesk:autocad_electrical:2023:::::::* cpe:2.3:a:autodesk:autocad_electrical:2022:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2022:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2024:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2023:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2022:::::::*
Autodesk	AutoCAD MEP	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:::::::* cpe:2.3:a:autodesk:autocad_mep:2024:::::::* cpe:2.3:a:autodesk:autocad_mep:2023:::::::* cpe:2.3:a:autodesk:autocad_mep:2022:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2022:::::::*
Autodesk	Civil 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:civil_3d:2025:::::::* cpe:2.3:a:autodesk:civil_3d:2024:::::::* cpe:2.3:a:autodesk:civil_3d:2023:::::::* cpe:2.3:a:autodesk:civil_3d:2022:::::::*
Autodesk	Advance Steel	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:advance_steel:2025:::::::* cpe:2.3:a:autodesk:advance_steel:2024:::::::* cpe:2.3:a:autodesk:advance_steel:2023:::::::* cpe:2.3:a:autodesk:advance_steel:2022:::::::*
Autodesk	DWG TrueView	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:dwg_trueview:2025:::::::* cpe:2.3:a:autodesk:dwg_trueview:2024:::::::* cpe:2.3:a:autodesk:dwg_trueview:2023:::::::*
Autodesk	RealDWG	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) cpe:2.3:a:autodesk:realdwg:2025:::::::* cpe:2.3:a:autodesk:realdwg:2024:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9489",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-30T13:51:32.196438Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-30T15:01:17.148Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
            }
          ],
          "value": "A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T18:38:42.629Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Autodesk AutoCAD DWG File Parsing Memory Corruption Code Execution Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2024-9489",
    "datePublished": "2024-10-29T21:44:39.027Z",
    "dateReserved": "2024-10-03T18:19:18.769Z",
    "dateUpdated": "2025-08-26T18:38:42.629Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-8896 (GCVE-0-2024-8896)

Vulnerability from nvd – Published: 2024-10-29 21:43 – Updated: 2025-08-26 18:38

Summary

A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-908 - Use of Uninitialized Resource

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

Vendor

Product

Version

Autodesk

AutoCAD

Affected: 2025 , < 2025.1.1 (custom)
Affected: 2024 , < 2024.1.7 (custom)
Affected: 2023 , < 2023.1.7 (custom)
Affected: 2022 , < 2022.1.6 (custom)
    cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*

Autodesk	AutoCAD LT	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_lt:2025:::::::* cpe:2.3:a:autodesk:autocad_lt:2024:::::::* cpe:2.3:a:autodesk:autocad_lt:2023:::::::* cpe:2.3:a:autodesk:autocad_lt:2022:::::::*
Autodesk	AutoCAD Architecture	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_architecture:2025:::::::* cpe:2.3:a:autodesk:autocad_architecture:2024:::::::* cpe:2.3:a:autodesk:autocad_architecture:2023:::::::* cpe:2.3:a:autodesk:autocad_architecture:2022:::::::*
Autodesk	AutoCAD Electrical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_electrical:2025:::::::* cpe:2.3:a:autodesk:autocad_electrical:2024:::::::* cpe:2.3:a:autodesk:autocad_electrical:2023:::::::* cpe:2.3:a:autodesk:autocad_electrical:2022:::::::*
Autodesk	AutoCAD MAP 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_map_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_map_3d:2022:::::::*
Autodesk	AutoCAD Mechanical	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mechanical:2025:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2024:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2023:::::::* cpe:2.3:a:autodesk:autocad_mechanical:2022:::::::*
Autodesk	AutoCAD MEP	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_mep:2025:::::::* cpe:2.3:a:autodesk:autocad_mep:2024:::::::* cpe:2.3:a:autodesk:autocad_mep:2023:::::::* cpe:2.3:a:autodesk:autocad_mep:2022:::::::*
Autodesk	AutoCAD Plant 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:autocad_plant_3d:2025:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2024:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2023:::::::* cpe:2.3:a:autodesk:autocad_plant_3d:2022:::::::*
Autodesk	Civil 3D	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:civil_3d:2025:::::::* cpe:2.3:a:autodesk:civil_3d:2024:::::::* cpe:2.3:a:autodesk:civil_3d:2023:::::::* cpe:2.3:a:autodesk:civil_3d:2022:::::::*
Autodesk	Advance Steel	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) Affected: 2022 , < 2022.1.6 (custom) cpe:2.3:a:autodesk:advance_steel:2025:::::::* cpe:2.3:a:autodesk:advance_steel:2024:::::::* cpe:2.3:a:autodesk:advance_steel:2023:::::::* cpe:2.3:a:autodesk:advance_steel:2022:::::::*
Autodesk	DWG TrueView	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) Affected: 2023 , < 2023.1.7 (custom) cpe:2.3:a:autodesk:dwg_trueview:2025:::::::* cpe:2.3:a:autodesk:dwg_trueview:2024:::::::* cpe:2.3:a:autodesk:dwg_trueview:2023:::::::*
Autodesk	RealDWG	Affected: 2025 , < 2025.1.1 (custom) Affected: 2024 , < 2024.1.7 (custom) cpe:2.3:a:autodesk:realdwg:2025:::::::* cpe:2.3:a:autodesk:realdwg:2024:::::::*

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8896",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-30T13:51:33.412413Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-30T15:01:25.860Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.6",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DXF file when parsed in acdb25.dll\u0026nbsp;through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
            }
          ],
          "value": "A maliciously crafted DXF file when parsed in acdb25.dll\u00a0through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-908",
              "description": "CWE-908 Use of Uninitialized Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-26T18:38:07.811Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Autodesk AutoCAD DXF File Parsing Unitialized Variable Code Execution Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2024-8896",
    "datePublished": "2024-10-29T21:43:11.437Z",
    "dateReserved": "2024-09-16T14:34:49.668Z",
    "dateUpdated": "2025-08-26T18:38:07.811Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-25004 (GCVE-0-2023-25004)

Vulnerability from nvd – Published: 2023-06-27 00:00 – Updated: 2024-12-05 14:40

Summary

A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.

Severity ?

No CVSS data available.

CWE

Integer Overflow

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

	Vendor	Product	Version
	n/a	Autodesk products	Affected: 2023, 2022, 2021, 2020

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:11:43.391Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-25004",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-05T14:39:57.188378Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-05T14:40:18.983Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Autodesk products",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2023, 2022, 2021, 2020"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Integer Overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-27T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2023-25004",
    "datePublished": "2023-06-27T00:00:00",
    "dateReserved": "2023-02-01T00:00:00",
    "dateUpdated": "2024-12-05T14:40:18.983Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-29068 (GCVE-0-2023-29068)

Vulnerability from nvd – Published: 2023-06-27 00:00 – Updated: 2024-12-05 14:41

Summary

A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

Severity ?

No CVSS data available.

CWE

memory corruption vulnerability

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

	Vendor	Product	Version
	n/a	Autodesk products	Affected: 2023, 2022, 2021, 2020

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:00:14.952Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-29068",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-05T14:41:27.413833Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-05T14:41:43.199Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Autodesk products",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2023, 2022, 2021, 2020"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "memory corruption vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-27T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2023-29068",
    "datePublished": "2023-06-27T00:00:00",
    "dateReserved": "2023-03-30T00:00:00",
    "dateUpdated": "2024-12-05T14:41:43.199Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-25003 (GCVE-0-2023-25003)

Vulnerability from nvd – Published: 2023-06-23 00:00 – Updated: 2024-12-05 17:10

Summary

A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution.

Severity ?

No CVSS data available.

CWE

out-of-bound read write / read

Assigner

autodesk

References

URL

Tags

https://www.autodesk.com/trust/security-advisorie…

Impacted products

	Vendor	Product	Version
	n/a	AutoCAD, Maya	Affected: 2023, 2022

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:11:43.401Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-25003",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-05T17:09:59.558363Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-05T17:10:10.146Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": " AutoCAD, Maya ",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "2023, 2022"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A maliciously crafted pskernel.dll file in Autodesk AutoCAD 2023 and Maya 2022 may be used to trigger out-of-bound read write / read vulnerabilities. Exploitation of this vulnerability may lead to code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "out-of-bound read write / read",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-23T00:00:00",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2023-25003",
    "datePublished": "2023-06-23T00:00:00",
    "dateReserved": "2023-02-01T00:00:00",
    "dateUpdated": "2024-12-05T17:10:10.146Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

54 vulnerabilities found for inventor by autodesk

CVE-2025-5039 (GCVE-0-2025-5039)

CVE-2025-1276 (GCVE-0-2025-1276)

CVE-2024-7992 (GCVE-0-2024-7992)

CVE-2024-7991 (GCVE-0-2024-7991)

CVE-2024-9997 (GCVE-0-2024-9997)

CVE-2024-9996 (GCVE-0-2024-9996)

CVE-2024-9489 (GCVE-0-2024-9489)

CVE-2024-8896 (GCVE-0-2024-8896)

CVE-2023-25004 (GCVE-0-2023-25004)

CVE-2023-29068 (GCVE-0-2023-29068)

CVE-2023-25003 (GCVE-0-2023-25003)

CVE-2025-5039 (GCVE-0-2025-5039)

CVE-2025-1276 (GCVE-0-2025-1276)

CVE-2024-7992 (GCVE-0-2024-7992)

CVE-2024-7991 (GCVE-0-2024-7991)

CVE-2024-9997 (GCVE-0-2024-9997)

CVE-2024-9996 (GCVE-0-2024-9996)

CVE-2024-9489 (GCVE-0-2024-9489)

CVE-2024-8896 (GCVE-0-2024-8896)

CVE-2023-25004 (GCVE-0-2023-25004)

CVE-2023-29068 (GCVE-0-2023-29068)

CVE-2023-25003 (GCVE-0-2023-25003)