cvelistv5 - CVE-2024-23120

CVE-2024-23120 (GCVE-0-2024-23120)

Vulnerability from cvelistv5

Published

2024-02-21 23:36

Modified

2025-02-10 21:07

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-787 - Out-of-bounds Write

Summary

A maliciously crafted STP and STEP file, when parsed in ASMIMPORT228A.dll and ASMIMPORT229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

References

►

URL

Tags

psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002	Vendor Advisory
psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004	Vendor Advisory
psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009	Vendor Advisory

Impacted products

Vendor

Product

Version

►

Autodesk

AutoCAD

Version: 2025   < 2025.0.1
Version: 2024   < 2024.1.3
Version: 2023   < 2023.1.5
Version: 2022   < 2022.1.4
Version: 2021   < 2021.1.4

Autodesk	AutoCAD Architecture	Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4
Autodesk	AutoCAD Electrical	Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4
Autodesk	AutoCAD Mechanical	Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4
Autodesk	AutoCAD MEP	Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4
Autodesk	AutoCAD Plant 3D	Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4
Autodesk	Civil 3D	Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4
Autodesk	Advance Steel	Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4
Autodesk	AutoCAD MAP 3D	Version: 2025 < 2025.0.1 Version: 2024 < 2024.1.3 Version: 2023 < 2023.1.5 Version: 2022 < 2022.1.4 Version: 2021 < 2021.1.4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "autocad_electrical",
            "vendor": "autodesk",
            "versions": [
              {
                "lessThan": "2021.1.4",
                "status": "affected",
                "version": "2021",
                "versionType": "custom"
              },
              {
                "lessThan": "2022.1.4",
                "status": "affected",
                "version": "2022",
                "versionType": "custom"
              },
              {
                "lessThan": "2023.1.5",
                "status": "affected",
                "version": "2023",
                "versionType": "custom"
              },
              {
                "lessThan": "2024.1.3",
                "status": "affected",
                "version": "2024",
                "versionType": "custom"
              },
              {
                "lessThan": "2025.0.1",
                "status": "affected",
                "version": "2025",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "autocad_map_3d",
            "vendor": "autodesk",
            "versions": [
              {
                "lessThan": "2021.1.4",
                "status": "affected",
                "version": "2021",
                "versionType": "custom"
              },
              {
                "lessThan": "2022.1.4",
                "status": "affected",
                "version": "2022",
                "versionType": "custom"
              },
              {
                "lessThan": "2023.1.5",
                "status": "affected",
                "version": "2023",
                "versionType": "custom"
              },
              {
                "lessThan": "2025.0.1",
                "status": "affected",
                "version": "2025",
                "versionType": "custom"
              },
              {
                "lessThan": "2024.1.3",
                "status": "affected",
                "version": "2024",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "autocad_advance_steel",
            "vendor": "autodesk",
            "versions": [
              {
                "lessThan": "2021.1.4",
                "status": "affected",
                "version": "2021",
                "versionType": "custom"
              },
              {
                "lessThan": "2022.1.4",
                "status": "affected",
                "version": "2022",
                "versionType": "custom"
              },
              {
                "lessThan": "2023.1.5",
                "status": "affected",
                "version": "2023",
                "versionType": "custom"
              },
              {
                "lessThan": "2024.1.3",
                "status": "affected",
                "version": "2024",
                "versionType": "custom"
              },
              {
                "lessThan": "2025.0.1",
                "status": "affected",
                "version": "2025",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "autocad_civil_3d",
            "vendor": "autodesk",
            "versions": [
              {
                "lessThan": "2021.1.4",
                "status": "affected",
                "version": "2021",
                "versionType": "custom"
              },
              {
                "lessThan": "2022.1.4",
                "status": "affected",
                "version": "2022",
                "versionType": "custom"
              },
              {
                "lessThan": "2023.1.5",
                "status": "affected",
                "version": "2023",
                "versionType": "custom"
              },
              {
                "lessThan": "2024.1.3",
                "status": "affected",
                "version": "2024",
                "versionType": "custom"
              },
              {
                "lessThan": "2025.0.1",
                "status": "affected",
                "version": "2025",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "autocad",
            "vendor": "autodesk",
            "versions": [
              {
                "lessThan": "2021.1.4",
                "status": "affected",
                "version": "2021",
                "versionType": "custom"
              },
              {
                "lessThan": "2022.1.4",
                "status": "affected",
                "version": "2022",
                "versionType": "custom"
              },
              {
                "lessThan": "2023.1.5",
                "status": "affected",
                "version": "2023",
                "versionType": "custom"
              },
              {
                "lessThan": "2024.1.3",
                "status": "affected",
                "version": "2024",
                "versionType": "custom"
              },
              {
                "lessThan": "2025.0.1",
                "status": "affected",
                "version": "2025",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "autocad_architecture",
            "vendor": "autodesk",
            "versions": [
              {
                "lessThan": "2021.1.4",
                "status": "affected",
                "version": "2021",
                "versionType": "custom"
              },
              {
                "lessThan": "2022.1.4",
                "status": "affected",
                "version": "2022",
                "versionType": "custom"
              },
              {
                "lessThan": "2023.1.5",
                "status": "affected",
                "version": "2023",
                "versionType": "custom"
              },
              {
                "lessThan": "2024.1.3",
                "status": "affected",
                "version": "2024",
                "versionType": "custom"
              },
              {
                "lessThan": "2025.0.1",
                "status": "affected",
                "version": "2025",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "autocad_mechanical",
            "vendor": "autodesk",
            "versions": [
              {
                "lessThan": "2021.1.4",
                "status": "affected",
                "version": "2021",
                "versionType": "custom"
              },
              {
                "lessThan": "2022.1.4",
                "status": "affected",
                "version": "2022",
                "versionType": "custom"
              },
              {
                "lessThan": "2023.1.5",
                "status": "affected",
                "version": "2023",
                "versionType": "custom"
              },
              {
                "lessThan": "2024.1.3",
                "status": "affected",
                "version": "2024",
                "versionType": "custom"
              },
              {
                "lessThan": "2025.0.1",
                "status": "affected",
                "version": "2025",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "autocad_mep",
            "vendor": "autodesk",
            "versions": [
              {
                "lessThan": "2021.1.4",
                "status": "affected",
                "version": "2021",
                "versionType": "custom"
              },
              {
                "lessThan": "2022.1.4",
                "status": "affected",
                "version": "2022",
                "versionType": "custom"
              },
              {
                "lessThan": "2023.1.5",
                "status": "affected",
                "version": "2023",
                "versionType": "custom"
              },
              {
                "lessThan": "2024.1.3",
                "status": "affected",
                "version": "2024",
                "versionType": "custom"
              },
              {
                "lessThan": "2025.0.1",
                "status": "affected",
                "version": "2025",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
              "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "autocad_plant_3d",
            "vendor": "autodesk",
            "versions": [
              {
                "lessThan": "2021.1.4",
                "status": "affected",
                "version": "2021",
                "versionType": "custom"
              },
              {
                "lessThan": "2022.1.4",
                "status": "affected",
                "version": "2022",
                "versionType": "custom"
              },
              {
                "lessThan": "2023.1.5",
                "status": "affected",
                "version": "2023",
                "versionType": "custom"
              },
              {
                "lessThan": "2024.1.3",
                "status": "affected",
                "version": "2024",
                "versionType": "custom"
              },
              {
                "lessThan": "2025.0.1",
                "status": "affected",
                "version": "2025",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-23120",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-26T16:45:26.511301Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-26T16:45:51.357Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T22:59:30.563Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpe": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.0.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.3",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.5",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.4",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            },
            {
              "lessThan": "2021.1.4",
              "status": "affected",
              "version": "2021",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpe": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.0.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.3",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.5",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.4",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            },
            {
              "lessThan": "2021.1.4",
              "status": "affected",
              "version": "2021",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpe": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.0.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.3",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.5",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.4",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            },
            {
              "lessThan": "2021.1.4",
              "status": "affected",
              "version": "2021",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpe": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.0.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.3",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.5",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.4",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            },
            {
              "lessThan": "2021.1.4",
              "status": "affected",
              "version": "2021",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpe": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.0.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.3",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.5",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.4",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            },
            {
              "lessThan": "2021.1.4",
              "status": "affected",
              "version": "2021",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpe": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.0.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.3",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.5",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.4",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            },
            {
              "lessThan": "2021.1.4",
              "status": "affected",
              "version": "2021",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpe": [
            "cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unknown",
          "product": "Civil 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.0.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.3",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.5",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.4",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            },
            {
              "lessThan": "2021.1.4",
              "status": "affected",
              "version": "2021",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpe": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.0.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.3",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.5",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.4",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            },
            {
              "lessThan": "2021.1.4",
              "status": "affected",
              "version": "2021",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpe": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.0.1",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.3",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.5",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            },
            {
              "lessThan": "2022.1.4",
              "status": "affected",
              "version": "2022",
              "versionType": "custom"
            },
            {
              "lessThan": "2021.1.4",
              "status": "affected",
              "version": "2021",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted STP and STEP file, when parsed in ASMIMPORT228A.dll and ASMIMPORT229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted STP and STEP file, when parsed in ASMIMPORT228A.dll and ASMIMPORT229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-10T21:07:50.709Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
        },
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
        },
        {
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2024-23120",
    "datePublished": "2024-02-21T23:36:13.617Z",
    "dateReserved": "2024-01-11T21:46:45.745Z",
    "dateUpdated": "2025-02-10T21:07:50.709Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-23120\",\"sourceIdentifier\":\"psirt@autodesk.com\",\"published\":\"2024-02-22T00:15:52.510\",\"lastModified\":\"2025-04-11T15:57:41.513\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A maliciously crafted STP and STEP file, when parsed in ASMIMPORT228A.dll and ASMIMPORT229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\"},{\"lang\":\"es\",\"value\":\"Un archivo STP creado con fines malintencionados cuando se analiza en ASMIMPORT228A.dll a trav\u00e9s de Autodesk AutoCAD puede forzar una escritura fuera de los l\u00edmites. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo, escribir datos confidenciales o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@autodesk.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@autodesk.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.4\",\"matchCriteriaId\":\"87CE995F-0A26-4A6B-ADAD-BD92DE041CC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.4\",\"matchCriteriaId\":\"AE884173-F3DD-499F-BD76-30163694A4C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.5\",\"matchCriteriaId\":\"F731E320-ECF2-4475-A272-1F5001F69F6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2024\",\"versionEndExcluding\":\"2024.1.3\",\"matchCriteriaId\":\"6E84F5F3-11EC-4F50-A876-82A3711B2887\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.0.1\",\"matchCriteriaId\":\"D2E7315F-F000-4259-9B22-19155ECFF63C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.4\",\"matchCriteriaId\":\"3ECBFF29-3DF6-486F-AD72-96D27CC606CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.4\",\"matchCriteriaId\":\"E605F3C7-2CE6-47D2-9FD9-894F2DA6653B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.5\",\"matchCriteriaId\":\"6B0C6F22-AD34-47F3-BD17-44BDDBD1DF54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2024\",\"versionEndExcluding\":\"2024.1.3\",\"matchCriteriaId\":\"806EBADF-277C-45C8-95C8-9DDDC3A587F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.0.1\",\"matchCriteriaId\":\"84FA9407-98AC-4ABC-B406-76A9D324C070\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.4\",\"matchCriteriaId\":\"5833D3EE-E6F2-4F72-B66A-D1441E3A4F32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.4\",\"matchCriteriaId\":\"0EC7C7DA-1682-43FF-8515-2C5E6C9CC502\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.5\",\"matchCriteriaId\":\"A71C7E76-81BB-40C7-AE45-65E26651FA04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2024\",\"versionEndExcluding\":\"2024.1.3\",\"matchCriteriaId\":\"B77DFA45-167C-453A-A543-16A4A51514B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.0.1\",\"matchCriteriaId\":\"2EAD1ED0-0761-49CA-BAF0-2A4EB39FEEFD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.4\",\"matchCriteriaId\":\"770B3D64-582F-453E-A8CD-D2B655EEA3DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.4\",\"matchCriteriaId\":\"C12DA888-C72E-424A-9A66-2B72C3885022\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.5\",\"matchCriteriaId\":\"CDA5C264-8E3E-4EB3-A586-BAF5076F9B5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2024\",\"versionEndExcluding\":\"2024.1.3\",\"matchCriteriaId\":\"A7019B5E-D425-41CC-9F35-D4A92597BA6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.0.1\",\"matchCriteriaId\":\"0BECC47B-077B-4448-AB37-FDA334A1CDA9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.4\",\"matchCriteriaId\":\"A16CEB16-2B44-4AF2-A0F4-497F30DC70CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.4\",\"matchCriteriaId\":\"4BDB09F0-77AB-4177-9059-F67A7D2781A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.5\",\"matchCriteriaId\":\"94B704A0-03BB-4F75-8621-142FC2EB3F3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2024\",\"versionEndExcluding\":\"2024.1.3\",\"matchCriteriaId\":\"CF2BDC5F-7710-4C2A-AF60-71F3A1E4B020\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.0.1\",\"matchCriteriaId\":\"15E49672-CBD2-4052-AC01-F0B02AF94AAF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.4\",\"matchCriteriaId\":\"CEFE632B-569A-433B-96C1-FF87BD35F168\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.4\",\"matchCriteriaId\":\"93561E79-EBDF-4DE1-92F8-CF5764932523\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.5\",\"matchCriteriaId\":\"798D132D-E71C-4C94-A2A4-B5ED222FE2A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2024\",\"versionEndExcluding\":\"2024.1.3\",\"matchCriteriaId\":\"4C1FC811-08B1-4C9D-B65D-7BACAC04A72C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.0.1\",\"matchCriteriaId\":\"F745DE13-EA25-48E7-9DC0-8A11051D3DB1\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.4\",\"matchCriteriaId\":\"57C7AA10-6C8D-4CD7-8BBE-1B7069F9DC48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.4\",\"matchCriteriaId\":\"5068B231-93C3-4CAF-A679-A87117016472\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.5\",\"matchCriteriaId\":\"C5622C87-4585-4EBD-A868-95DF104C6B8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2024\",\"versionEndExcluding\":\"2024.1.3\",\"matchCriteriaId\":\"B1930F6C-449E-481A-8E7E-48CF14FF4310\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.0.1\",\"matchCriteriaId\":\"F954159B-F922-4D0D-826D-A5390C94DFA2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.4\",\"matchCriteriaId\":\"70BC67D3-9BB7-4882-ACF7-3866AB487555\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.4\",\"matchCriteriaId\":\"1FF491D7-280B-4DEE-B912-8677F62D3195\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.5\",\"matchCriteriaId\":\"B09BA7FD-4C04-4B7A-9824-19F918651A5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2024\",\"versionEndExcluding\":\"2024.1.3\",\"matchCriteriaId\":\"4B55C95F-762E-4356-9A5C-83CFFC99A743\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.0.1\",\"matchCriteriaId\":\"01723BB3-1692-41D5-9123-5FB17F8C44AD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2021\",\"versionEndExcluding\":\"2021.1.4\",\"matchCriteriaId\":\"7169F2CB-58BB-46C2-883D-4FE3E66A4940\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.1.4\",\"matchCriteriaId\":\"4540CC32-0DDA-4483-A087-D95C3C610287\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023\",\"versionEndExcluding\":\"2023.1.5\",\"matchCriteriaId\":\"EB7AE2EA-96D5-47AE-A667-AFD5F57047B4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2024\",\"versionEndExcluding\":\"2024.1.3\",\"matchCriteriaId\":\"7E44032A-F590-43E0-92DF-5FD3E142E147\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2025\",\"versionEndExcluding\":\"2025.0.1\",\"matchCriteriaId\":\"407362FB-1FC4-4B78-843B-C64539AEE7F9\"}]}]}],\"references\":[{\"url\":\"https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002\",\"source\":\"psirt@autodesk.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004\",\"source\":\"psirt@autodesk.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009\",\"source\":\"psirt@autodesk.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T22:59:30.563Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-23120\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-26T16:45:26.511301Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*\"], \"vendor\": \"autodesk\", \"product\": \"autocad_electrical\", \"versions\": [{\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*\"], \"vendor\": \"autodesk\", \"product\": \"autocad_map_3d\", \"versions\": [{\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*\"], \"vendor\": \"autodesk\", \"product\": \"autocad_advance_steel\", \"versions\": [{\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*\"], \"vendor\": \"autodesk\", \"product\": \"autocad_civil_3d\", \"versions\": [{\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*\"], \"vendor\": \"autodesk\", \"product\": \"autocad\", \"versions\": [{\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*\"], \"vendor\": \"autodesk\", \"product\": \"autocad_architecture\", \"versions\": [{\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*\"], \"vendor\": \"autodesk\", \"product\": \"autocad_mechanical\", \"versions\": [{\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*\"], \"vendor\": \"autodesk\", \"product\": \"autocad_mep\", \"versions\": [{\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*\"], \"vendor\": \"autodesk\", \"product\": \"autocad_plant_3d\", \"versions\": [{\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-05T15:20:43.660Z\"}}], \"cna\": {\"title\": \"Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-100\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-100 Overflow Buffers\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpe\": [\"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"AutoCAD\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_architecture:2021:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"AutoCAD Architecture\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_electrical:2021:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"AutoCAD Electrical\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mechnaical:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mechanical:2021:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"AutoCAD Mechanical\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_mep:2021:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"AutoCAD MEP\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_plant_3d:2021:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"AutoCAD Plant 3D\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:civil_3d:2021:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"Civil 3D\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:advance_steel:2021:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"Advance Steel\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}, {\"cpe\": [\"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*\", \"cpe:2.3:a:autodesk:autocad_map_3d:2021:*:*:*:*:*:*:*\"], \"vendor\": \"Autodesk\", \"product\": \"AutoCAD MAP 3D\", \"versions\": [{\"status\": \"affected\", \"version\": \"2025\", \"lessThan\": \"2025.0.1\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2024\", \"lessThan\": \"2024.1.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2023\", \"lessThan\": \"2023.1.5\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2022\", \"lessThan\": \"2022.1.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"2021\", \"lessThan\": \"2021.1.4\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002\"}, {\"url\": \"https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004\"}, {\"url\": \"https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A maliciously crafted STP and STEP file, when parsed in ASMIMPORT228A.dll and ASMIMPORT229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003e\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eA maliciously crafted STP and STEP file, when parsed in ASMIMPORT228A.dll and ASMIMPORT229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"7e40ea87-bc65-4944-9723-dd79dd760601\", \"shortName\": \"autodesk\", \"dateUpdated\": \"2025-02-10T21:07:50.709Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-23120\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-10T21:07:50.709Z\", \"dateReserved\": \"2024-01-11T21:46:45.745Z\", \"assignerOrgId\": \"7e40ea87-bc65-4944-9723-dd79dd760601\", \"datePublished\": \"2024-02-21T23:36:13.617Z\", \"assignerShortName\": \"autodesk\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

ghsa-rqrg-8xc9-5vw3

Vulnerability from github

Published

2024-02-22 00:31

Modified

2025-04-11 18:30

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

A maliciously crafted STP file when parsed in ASMIMPORT228A.dll through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-23120"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-787"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-22T00:15:52Z",
    "severity": "HIGH"
  },
  "details": "A maliciously crafted STP file when parsed in ASMIMPORT228A.dll through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.",
  "id": "GHSA-rqrg-8xc9-5vw3",
  "modified": "2025-04-11T18:30:24Z",
  "published": "2024-02-22T00:31:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23120"
    },
    {
      "type": "WEB",
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
    },
    {
      "type": "WEB",
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
    },
    {
      "type": "WEB",
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

fkie_cve-2024-23120

Vulnerability from fkie_nvd

Published

2024-02-22 00:15

Modified

2025-04-11 15:57

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002	Vendor Advisory
psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004	Vendor Advisory
psirt@autodesk.com	https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009	Vendor Advisory

Impacted products

Vendor	Product	Version
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_architecture	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_electrical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mechanical	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_mep	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	autocad_plant_3d	*
autodesk	civil_3d	*
autodesk	civil_3d	*
autodesk	civil_3d	*
autodesk	civil_3d	*
autodesk	civil_3d	*
autodesk	advance_steel	*
autodesk	advance_steel	*
autodesk	advance_steel	*
autodesk	advance_steel	*
autodesk	advance_steel	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*
autodesk	autocad_map_3d	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "87CE995F-0A26-4A6B-ADAD-BD92DE041CC0",
              "versionEndExcluding": "2021.1.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE884173-F3DD-499F-BD76-30163694A4C8",
              "versionEndExcluding": "2022.1.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F731E320-ECF2-4475-A272-1F5001F69F6C",
              "versionEndExcluding": "2023.1.5",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E84F5F3-11EC-4F50-A876-82A3711B2887",
              "versionEndExcluding": "2024.1.3",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2E7315F-F000-4259-9B22-19155ECFF63C",
              "versionEndExcluding": "2025.0.1",
              "versionStartIncluding": "2025",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3ECBFF29-3DF6-486F-AD72-96D27CC606CA",
              "versionEndExcluding": "2021.1.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E605F3C7-2CE6-47D2-9FD9-894F2DA6653B",
              "versionEndExcluding": "2022.1.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B0C6F22-AD34-47F3-BD17-44BDDBD1DF54",
              "versionEndExcluding": "2023.1.5",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "806EBADF-277C-45C8-95C8-9DDDC3A587F2",
              "versionEndExcluding": "2024.1.3",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84FA9407-98AC-4ABC-B406-76A9D324C070",
              "versionEndExcluding": "2025.0.1",
              "versionStartIncluding": "2025",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5833D3EE-E6F2-4F72-B66A-D1441E3A4F32",
              "versionEndExcluding": "2021.1.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EC7C7DA-1682-43FF-8515-2C5E6C9CC502",
              "versionEndExcluding": "2022.1.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A71C7E76-81BB-40C7-AE45-65E26651FA04",
              "versionEndExcluding": "2023.1.5",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77DFA45-167C-453A-A543-16A4A51514B4",
              "versionEndExcluding": "2024.1.3",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EAD1ED0-0761-49CA-BAF0-2A4EB39FEEFD",
              "versionEndExcluding": "2025.0.1",
              "versionStartIncluding": "2025",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "770B3D64-582F-453E-A8CD-D2B655EEA3DF",
              "versionEndExcluding": "2021.1.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C12DA888-C72E-424A-9A66-2B72C3885022",
              "versionEndExcluding": "2022.1.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA5C264-8E3E-4EB3-A586-BAF5076F9B5F",
              "versionEndExcluding": "2023.1.5",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7019B5E-D425-41CC-9F35-D4A92597BA6A",
              "versionEndExcluding": "2024.1.3",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BECC47B-077B-4448-AB37-FDA334A1CDA9",
              "versionEndExcluding": "2025.0.1",
              "versionStartIncluding": "2025",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A16CEB16-2B44-4AF2-A0F4-497F30DC70CC",
              "versionEndExcluding": "2021.1.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4BDB09F0-77AB-4177-9059-F67A7D2781A2",
              "versionEndExcluding": "2022.1.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94B704A0-03BB-4F75-8621-142FC2EB3F3F",
              "versionEndExcluding": "2023.1.5",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF2BDC5F-7710-4C2A-AF60-71F3A1E4B020",
              "versionEndExcluding": "2024.1.3",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "15E49672-CBD2-4052-AC01-F0B02AF94AAF",
              "versionEndExcluding": "2025.0.1",
              "versionStartIncluding": "2025",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEFE632B-569A-433B-96C1-FF87BD35F168",
              "versionEndExcluding": "2021.1.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "93561E79-EBDF-4DE1-92F8-CF5764932523",
              "versionEndExcluding": "2022.1.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "798D132D-E71C-4C94-A2A4-B5ED222FE2A0",
              "versionEndExcluding": "2023.1.5",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C1FC811-08B1-4C9D-B65D-7BACAC04A72C",
              "versionEndExcluding": "2024.1.3",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F745DE13-EA25-48E7-9DC0-8A11051D3DB1",
              "versionEndExcluding": "2025.0.1",
              "versionStartIncluding": "2025",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C7AA10-6C8D-4CD7-8BBE-1B7069F9DC48",
              "versionEndExcluding": "2021.1.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5068B231-93C3-4CAF-A679-A87117016472",
              "versionEndExcluding": "2022.1.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5622C87-4585-4EBD-A868-95DF104C6B8F",
              "versionEndExcluding": "2023.1.5",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1930F6C-449E-481A-8E7E-48CF14FF4310",
              "versionEndExcluding": "2024.1.3",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F954159B-F922-4D0D-826D-A5390C94DFA2",
              "versionEndExcluding": "2025.0.1",
              "versionStartIncluding": "2025",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "70BC67D3-9BB7-4882-ACF7-3866AB487555",
              "versionEndExcluding": "2021.1.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FF491D7-280B-4DEE-B912-8677F62D3195",
              "versionEndExcluding": "2022.1.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B09BA7FD-4C04-4B7A-9824-19F918651A5B",
              "versionEndExcluding": "2023.1.5",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B55C95F-762E-4356-9A5C-83CFFC99A743",
              "versionEndExcluding": "2024.1.3",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01723BB3-1692-41D5-9123-5FB17F8C44AD",
              "versionEndExcluding": "2025.0.1",
              "versionStartIncluding": "2025",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7169F2CB-58BB-46C2-883D-4FE3E66A4940",
              "versionEndExcluding": "2021.1.4",
              "versionStartIncluding": "2021",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4540CC32-0DDA-4483-A087-D95C3C610287",
              "versionEndExcluding": "2022.1.4",
              "versionStartIncluding": "2022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB7AE2EA-96D5-47AE-A667-AFD5F57047B4",
              "versionEndExcluding": "2023.1.5",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E44032A-F590-43E0-92DF-5FD3E142E147",
              "versionEndExcluding": "2024.1.3",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "407362FB-1FC4-4B78-843B-C64539AEE7F9",
              "versionEndExcluding": "2025.0.1",
              "versionStartIncluding": "2025",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted STP and STEP file, when parsed in ASMIMPORT228A.dll and ASMIMPORT229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
    },
    {
      "lang": "es",
      "value": "Un archivo STP creado con fines malintencionados cuando se analiza en ASMIMPORT228A.dll a trav\u00e9s de Autodesk AutoCAD puede forzar una escritura fuera de los l\u00edmites. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo, escribir datos confidenciales o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
    }
  ],
  "id": "CVE-2024-23120",
  "lastModified": "2025-04-11T15:57:41.513",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@autodesk.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-02-22T00:15:52.510",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
    },
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
    },
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@autodesk.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2024-23120

Vulnerability from gsd

Modified

2024-01-12 06:02

Details

Aliases

CVE-2024-23120

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-23120"
      ],
      "details": "A maliciously crafted STP file when parsed in ASMIMPORT228A.dll through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.\n",
      "id": "GSD-2024-23120",
      "modified": "2024-01-12T06:02:17.989445Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@autodesk.com",
        "ID": "CVE-2024-23120",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "AutoCAD, Advance Steel and Civil 3D",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "2024, 2023, 2022, 2021"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Autodesk"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A maliciously crafted STP file in ASMIMPORT228A.dll when parsed through\nAutodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can\nleverage this vulnerability to cause a crash, write sensitive data, or execute\narbitrary code in the context of the current process.\n\n\n\n\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-787",
                "lang": "eng",
                "value": "CWE-787 Out-of-bounds Write"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002",
            "refsource": "MISC",
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
          },
          {
            "name": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004",
            "refsource": "MISC",
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
          }
        ]
      },
      "source": {
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "A maliciously crafted STP file in ASMIMPORT228A.dll when parsed through\nAutodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can\nleverage this vulnerability to cause a crash, write sensitive data, or execute\narbitrary code in the context of the current process.\n\n\n\n\n"
          },
          {
            "lang": "es",
            "value": "Un archivo STP creado con fines malintencionados cuando se analiza en ASMIMPORT228A.dll a trav\u00e9s de Autodesk AutoCAD puede forzar una escritura fuera de los l\u00edmites. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo, escribir datos confidenciales o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
          }
        ],
        "id": "CVE-2024-23120",
        "lastModified": "2024-03-01T16:15:45.920",
        "metrics": {},
        "published": "2024-02-22T00:15:52.510",
        "references": [
          {
            "source": "psirt@autodesk.com",
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
          },
          {
            "source": "psirt@autodesk.com",
            "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
          }
        ],
        "sourceIdentifier": "psirt@autodesk.com",
        "vulnStatus": "Awaiting Analysis",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-787"
              }
            ],
            "source": "psirt@autodesk.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

wid-sec-w-2024-0349

Vulnerability from csaf_certbund

Published

2024-02-12 23:00

Modified

2024-06-02 22:00

Summary

Autodesk AutoCAD: Mehrere Schwachstellen ermöglichen Codeausführung

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

AutoCAD ist Teil der CAD (Computer Aided Design) Produktpalette von Autodesk.

Angriff

Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Autodesk AutoCAD ausnutzen, um beliebigen Programmcode auszuführen.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "AutoCAD ist Teil der CAD (Computer Aided Design) Produktpalette von Autodesk.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Autodesk AutoCAD ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0349 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0349.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0349 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0349"
      },
      {
        "category": "external",
        "summary": "AutoDesk Security Advisory vom 2024-02-12",
        "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002"
      },
      {
        "category": "external",
        "summary": "Autodesk Security Advisory ADSK-SA-2024-0004 vom 2024-02-29",
        "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-124/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-125/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-126/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-127/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-128/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-129/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-130/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-131/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-132/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-133/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-134/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-135/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-136/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-137/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-138/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-139/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-140/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-141/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-142/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-143/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-144/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-145/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-146/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-147/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-148/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-149/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-150/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-151/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-152/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-153/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-154/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-155/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-156/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-157/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-158/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-159/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-160/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-161/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-162/"
      },
      {
        "category": "external",
        "summary": "ZDI Advisory vom 2024-02-12",
        "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-163/"
      },
      {
        "category": "external",
        "summary": "Autodesk Security Advisory ADSK-SA-2024-0009 vom 2024-05-31",
        "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009"
      }
    ],
    "source_lang": "en-US",
    "title": "Autodesk AutoCAD: Mehrere Schwachstellen erm\u00f6glichen Codeausf\u00fchrung",
    "tracking": {
      "current_release_date": "2024-06-02T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:05:06.558+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0349",
      "initial_release_date": "2024-02-12T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-02-12T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-02-15T23:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz aufgenommen: AutoDesk"
        },
        {
          "date": "2024-02-21T23:00:00.000+00:00",
          "number": "3",
          "summary": "CVE\u0027s erg\u00e4nzt"
        },
        {
          "date": "2024-02-29T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Autodesk aufgenommen"
        },
        {
          "date": "2024-06-02T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Autodesk aufgenommen"
        }
      ],
      "status": "final",
      "version": "5"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Autodesk AutoCAD",
                "product": {
                  "name": "Autodesk AutoCAD",
                  "product_id": "T032702",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:autodesk:autocad:-"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c2023.1.5",
                "product": {
                  "name": "Autodesk AutoCAD \u003c2023.1.5",
                  "product_id": "T033188"
                }
              }
            ],
            "category": "product_name",
            "name": "AutoCAD"
          }
        ],
        "category": "vendor",
        "name": "Autodesk"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-0446",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-0446"
    },
    {
      "cve": "CVE-2024-23120",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23120"
    },
    {
      "cve": "CVE-2024-23121",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23121"
    },
    {
      "cve": "CVE-2024-23122",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23122"
    },
    {
      "cve": "CVE-2024-23123",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23123"
    },
    {
      "cve": "CVE-2024-23124",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23124"
    },
    {
      "cve": "CVE-2024-23125",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23125"
    },
    {
      "cve": "CVE-2024-23126",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23126"
    },
    {
      "cve": "CVE-2024-23127",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23127"
    },
    {
      "cve": "CVE-2024-23128",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23128"
    },
    {
      "cve": "CVE-2024-23129",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23129"
    },
    {
      "cve": "CVE-2024-23130",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23130"
    },
    {
      "cve": "CVE-2024-23131",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23131"
    },
    {
      "cve": "CVE-2024-23132",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23132"
    },
    {
      "cve": "CVE-2024-23133",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23133"
    },
    {
      "cve": "CVE-2024-23134",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23134"
    },
    {
      "cve": "CVE-2024-23135",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23135"
    },
    {
      "cve": "CVE-2024-23136",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23136"
    },
    {
      "cve": "CVE-2024-23137",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Dieser Fehler besteht w\u00e4hrend des Parsing-Prozesses verschiedener Dateitypen aufgrund mehrerer sicherheitsrelevanter Probleme wie einem Heap-basierten Puffer\u00fcberlauf, einer Speicherbesch\u00e4digung oder einem Out-of-Bounds-Problem. Ein entfernter, anonymer Angreifer kann diese Schwachstellen zur Ausf\u00fchrung von beliebigem Code ausnutzen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T032702",
          "T033188"
        ]
      },
      "release_date": "2024-02-12T23:00:00.000+00:00",
      "title": "CVE-2024-23137"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-23120 (GCVE-0-2024-23120)

Vulnerability from cvelistv5

ghsa-rqrg-8xc9-5vw3

Vulnerability from github

fkie_cve-2024-23120

Vulnerability from fkie_nvd

gsd-2024-23120

Vulnerability from gsd

wid-sec-w-2024-0349

Vulnerability from csaf_certbund

Tags

Sightings

Nomenclature