Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2024-3304
Vulnerability from csaf_certbund
Published
2024-10-29 23:00
Modified
2024-10-29 23:00
Summary
Autodesk AutoCAD: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
AutoCAD ist Teil der CAD (Computer Aided Design) Produktpalette von Autodesk.
Angriff
Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Autodesk AutoCAD ausnutzen, um beliebigen Code auszuführen, einen 'Denial of Service'-Zustand zu erzeugen, Dateien zu manipulieren oder vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "AutoCAD ist Teil der CAD (Computer Aided Design) Produktpalette von Autodesk.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter anonymer Angreifer kann mehrere Schwachstellen in Autodesk AutoCAD ausnutzen, um beliebigen Code auszuf\u00fchren, einen \u0027Denial of Service\u0027-Zustand zu erzeugen, Dateien zu manipulieren oder vertrauliche Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3304 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3304.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3304 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3304"
},
{
"category": "external",
"summary": "Autodesk Security Advisory adsk-sa-2024-0019 vom 2024-10-29",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
},
{
"category": "external",
"summary": "Autodesk Security Advisory adsk-sa-2024-0020 vom 2024-10-29",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0020"
},
{
"category": "external",
"summary": "Autodesk Security Advisory adsk-sa-2024-0021 vom 2024-10-29",
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
}
],
"source_lang": "en-US",
"title": "Autodesk AutoCAD: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-10-29T23:00:00.000+00:00",
"generator": {
"date": "2024-10-30T12:08:10.411+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-3304",
"initial_release_date": "2024-10-29T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-29T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2025.1.1",
"product": {
"name": "Autodesk AutoCAD \u003c2025.1.1",
"product_id": "T038689"
}
},
{
"category": "product_version",
"name": "2025.1.1",
"product": {
"name": "Autodesk AutoCAD 2025.1.1",
"product_id": "T038689-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:autodesk:autocad:2025.1.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c2024.1.6",
"product": {
"name": "Autodesk AutoCAD \u003c2024.1.6",
"product_id": "T038690"
}
},
{
"category": "product_version",
"name": "2024.1.6",
"product": {
"name": "Autodesk AutoCAD 2024.1.6",
"product_id": "T038690-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:autodesk:autocad:2024.1.6"
}
}
}
],
"category": "product_name",
"name": "AutoCAD"
}
],
"category": "vendor",
"name": "Autodesk"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-7991",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-7991"
},
{
"cve": "CVE-2024-7992",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-7992"
},
{
"cve": "CVE-2024-8587",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8587"
},
{
"cve": "CVE-2024-8588",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8588"
},
{
"cve": "CVE-2024-8589",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8589"
},
{
"cve": "CVE-2024-8590",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8590"
},
{
"cve": "CVE-2024-8591",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8591"
},
{
"cve": "CVE-2024-8592",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8592"
},
{
"cve": "CVE-2024-8593",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8593"
},
{
"cve": "CVE-2024-8594",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8594"
},
{
"cve": "CVE-2024-8595",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8595"
},
{
"cve": "CVE-2024-8596",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8596"
},
{
"cve": "CVE-2024-8597",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8597"
},
{
"cve": "CVE-2024-8598",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8598"
},
{
"cve": "CVE-2024-8599",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8599"
},
{
"cve": "CVE-2024-8600",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8600"
},
{
"cve": "CVE-2024-8896",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-8896"
},
{
"cve": "CVE-2024-9489",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-9489"
},
{
"cve": "CVE-2024-9826",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-9826"
},
{
"cve": "CVE-2024-9827",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-9827"
},
{
"cve": "CVE-2024-9996",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-9996"
},
{
"cve": "CVE-2024-9997",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in Autodesk AutoCAD. Diese Fehler existieren aufgrund einer unzureichenden Eingabevalidierung und Speicherverwaltungsproblemen in verschiedenen Komponenten, die eine unautorisierte Speichermanipulation erm\u00f6glichen. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstellen ausnutzen, um Auswirkungen wie Abst\u00fcrze, die Ausf\u00fchrung von beliebigem Code und den Zugriff auf sensible Daten zu verursachen. Einige dieser Sicherheitsl\u00fccken erfordern eine Benutzerinteraktion, um erfolgreich ausgenutzt zu werden."
}
],
"product_status": {
"known_affected": [
"T038690",
"T038689"
]
},
"release_date": "2024-10-29T23:00:00.000+00:00",
"title": "CVE-2024-9997"
}
]
}
CVE-2024-8590 (GCVE-0-2024-8590)
Vulnerability from cvelistv5
Published
2024-10-29 21:07
Modified
2025-04-25 20:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8590",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:51.045399Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:03:28.300Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:11:19.887Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD 3DM File Parsing Use-After-Free Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8590",
"datePublished": "2024-10-29T21:07:47.121Z",
"dateReserved": "2024-09-09T04:30:14.958Z",
"dateUpdated": "2025-04-25T20:11:19.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8591 (GCVE-0-2024-8591)
Vulnerability from cvelistv5
Published
2024-10-29 21:08
Modified
2025-04-25 20:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8591",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:49.844455Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:03:18.188Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:12:57.033Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD 3DM File Parsing Heap-based Buffer Overflow Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8591",
"datePublished": "2024-10-29T21:08:22.860Z",
"dateReserved": "2024-09-09T04:34:57.640Z",
"dateUpdated": "2025-04-25T20:12:57.033Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8596 (GCVE-0-2024-8596)
Vulnerability from cvelistv5
Published
2024-10-29 21:11
Modified
2025-04-25 20:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8596",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:44.864873Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:02:35.307Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:20:00.913Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8596",
"datePublished": "2024-10-29T21:11:36.053Z",
"dateReserved": "2024-09-09T04:55:18.208Z",
"dateUpdated": "2025-04-25T20:20:00.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8593 (GCVE-0-2024-8593)
Vulnerability from cvelistv5
Published
2024-10-29 21:08
Modified
2025-04-25 20:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
A maliciously crafted CATPART file, when parsed in ASMKERN230A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8593",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:48.544566Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:03:06.010Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted CATPART file, when parsed in ASMKERN230A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u0026nbsp;"
}
],
"value": "A maliciously crafted CATPART file, when parsed in ASMKERN230A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:15:56.725Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8593",
"datePublished": "2024-10-29T21:08:53.971Z",
"dateReserved": "2024-09-09T04:41:53.966Z",
"dateUpdated": "2025-04-25T20:15:56.725Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8594 (GCVE-0-2024-8594)
Vulnerability from cvelistv5
Published
2024-10-29 21:09
Modified
2025-04-25 20:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8594",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:47.322086Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:02:55.732Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
}
],
"value": "A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:16:58.894Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8594",
"datePublished": "2024-10-29T21:09:53.149Z",
"dateReserved": "2024-09-09T04:47:17.676Z",
"dateUpdated": "2025-04-25T20:16:58.894Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8588 (GCVE-0-2024-8588)
Vulnerability from cvelistv5
Published
2024-10-29 21:06
Modified
2025-04-25 20:07
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8588",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:54.487477Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:03:46.231Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:07:27.141Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD SLDPRT File Parsing Out-Of-Bounds Read Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8588",
"datePublished": "2024-10-29T21:06:17.695Z",
"dateReserved": "2024-09-09T04:11:56.456Z",
"dateUpdated": "2025-04-25T20:07:27.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8587 (GCVE-0-2024-8587)
Vulnerability from cvelistv5
Published
2024-10-29 21:03
Modified
2025-04-25 20:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Summary
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8587",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:55.963535Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:03:53.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:08:26.047Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD SLDPRT File Parsing Heap-based Buffer Overflow Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8587",
"datePublished": "2024-10-29T21:03:58.156Z",
"dateReserved": "2024-09-09T03:01:59.536Z",
"dateUpdated": "2025-04-25T20:08:26.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7992 (GCVE-0-2024-7992)
Vulnerability from cvelistv5
Published
2024-10-29 21:50
Modified
2025-05-14 12:53
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-121 - Stack Overflow
Summary
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7992",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:27.431632Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:00:32.444Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "DWG TrueView",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "RealDWG",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA maliciously crafted DWG file, when parsed\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethrough Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T12:53:49.394Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD DWG Stack-Based Buffer Overflow Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-7992",
"datePublished": "2024-10-29T21:50:13.232Z",
"dateReserved": "2024-08-19T21:37:08.684Z",
"dateUpdated": "2025-05-14T12:53:49.394Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8896 (GCVE-0-2024-8896)
Vulnerability from cvelistv5
Published
2024-10-29 21:43
Modified
2025-05-14 12:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-908 - Use of Uninitialized Resource
Summary
A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8896",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:33.412413Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:01:25.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "DWG TrueView",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "RealDWG",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted DXF file when parsed in acdb25.dll\u0026nbsp;through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted DXF file when parsed in acdb25.dll\u00a0through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908 Use of Uninitialized Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T12:54:32.409Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD DXF File Parsing Unitialized Variable Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8896",
"datePublished": "2024-10-29T21:43:11.437Z",
"dateReserved": "2024-09-16T14:34:49.668Z",
"dateUpdated": "2025-05-14T12:54:32.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9489 (GCVE-0-2024-9489)
Vulnerability from cvelistv5
Published
2024-10-29 21:44
Modified
2025-05-14 13:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9489",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:32.196438Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:01:17.148Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "DWG TrueView",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "RealDWG",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T13:01:03.925Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD DWG File Parsing Memory Corruption Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-9489",
"datePublished": "2024-10-29T21:44:39.027Z",
"dateReserved": "2024-10-03T18:19:18.769Z",
"dateUpdated": "2025-05-14T13:01:03.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9996 (GCVE-0-2024-9996)
Vulnerability from cvelistv5
Published
2024-10-29 21:45
Modified
2025-05-14 13:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-Bounds Write
Summary
A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9996",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:30.961199Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:01:08.447Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "DWG TrueView",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "RealDWG",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-Bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T13:03:12.557Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD DWG File Parsing Out-Of-Bounds Write Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-9996",
"datePublished": "2024-10-29T21:45:17.527Z",
"dateReserved": "2024-10-15T13:39:36.931Z",
"dateUpdated": "2025-05-14T13:03:12.557Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8589 (GCVE-0-2024-8589)
Vulnerability from cvelistv5
Published
2024-10-29 21:07
Modified
2025-04-25 20:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8589",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:52.742459Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:03:37.771Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:09:35.241Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD SLDPRT File Parsing Out-Of-Bounds Read Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8589",
"datePublished": "2024-10-29T21:07:02.412Z",
"dateReserved": "2024-09-09T04:19:18.839Z",
"dateUpdated": "2025-04-25T20:09:35.241Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8599 (GCVE-0-2024-8599)
Vulnerability from cvelistv5
Published
2024-10-29 21:13
Modified
2025-04-25 20:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8599",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:39.962735Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:02:07.007Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.\u0026nbsp;"
}
],
"value": "A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:25:44.338Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD ACTranslators STP File Parsing Memory Corruption Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8599",
"datePublished": "2024-10-29T21:13:32.979Z",
"dateReserved": "2024-09-09T05:07:41.856Z",
"dateUpdated": "2025-04-25T20:25:44.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9827 (GCVE-0-2024-9827)
Vulnerability from cvelistv5
Published
2024-10-29 21:14
Modified
2025-04-25 20:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-125 - Out-of-bounds Read
Summary
A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9827",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:36.054365Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:01:41.929Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125 Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:30:38.082Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD ACTranslators CATPART File Parsing Out-Of-Bounds Read Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-9827",
"datePublished": "2024-10-29T21:14:55.716Z",
"dateReserved": "2024-10-10T19:01:38.304Z",
"dateUpdated": "2025-04-25T20:30:38.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9997 (GCVE-0-2024-9997)
Vulnerability from cvelistv5
Published
2024-10-29 21:45
Modified
2025-05-14 13:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9997",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:29.745174Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:00:57.856Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "DWG TrueView",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "RealDWG",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
}
],
"value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T13:03:43.990Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD DWG File Parsing Memory Corruption Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-9997",
"datePublished": "2024-10-29T21:45:59.005Z",
"dateReserved": "2024-10-15T13:39:39.800Z",
"dateUpdated": "2025-05-14T13:03:43.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7991 (GCVE-0-2024-7991)
Vulnerability from cvelistv5
Published
2024-10-29 21:49
Modified
2025-05-14 12:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-Bounds Write
Summary
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7991",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:28.629296Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:00:49.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "DWG TrueView",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "RealDWG",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-Bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-14T12:50:15.527Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD DWG Out-of-Bounds Write Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-7991",
"datePublished": "2024-10-29T21:49:02.128Z",
"dateReserved": "2024-08-19T21:37:04.701Z",
"dateUpdated": "2025-05-14T12:50:15.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8597 (GCVE-0-2024-8597)
Vulnerability from cvelistv5
Published
2024-10-29 21:12
Modified
2025-04-25 20:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8597",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:43.008403Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:02:24.584Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:21:16.081Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD STEP File Parsing Memory Corruption Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8597",
"datePublished": "2024-10-29T21:12:24.663Z",
"dateReserved": "2024-09-09T04:59:35.505Z",
"dateUpdated": "2025-04-25T20:21:16.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8600 (GCVE-0-2024-8600)
Vulnerability from cvelistv5
Published
2024-10-29 21:14
Modified
2025-04-25 20:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8600",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:38.514092Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:01:58.383Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:28:43.302Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8600",
"datePublished": "2024-10-29T21:14:01.152Z",
"dateReserved": "2024-09-09T05:11:47.491Z",
"dateUpdated": "2025-04-25T20:28:43.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9826 (GCVE-0-2024-9826)
Vulnerability from cvelistv5
Published
2024-10-29 21:14
Modified
2025-04-25 20:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9826",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:37.301745Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:01:50.007Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:30:16.834Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD ACTranslators 3DM File Parsing Use-After-Free Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-9826",
"datePublished": "2024-10-29T21:14:31.382Z",
"dateReserved": "2024-10-10T18:38:23.523Z",
"dateUpdated": "2025-04-25T20:30:16.834Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8595 (GCVE-0-2024-8595)
Vulnerability from cvelistv5
Published
2024-10-29 21:10
Modified
2025-04-25 20:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-416 - Use After Free
Summary
A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8595",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:46.090065Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:02:46.129Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"value": "A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416 Use After Free",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:19:32.814Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD MODEL File Parsing Use-After-Free Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8595",
"datePublished": "2024-10-29T21:10:46.829Z",
"dateReserved": "2024-09-09T04:51:46.055Z",
"dateUpdated": "2025-04-25T20:19:32.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8592 (GCVE-0-2024-8592)
Vulnerability from cvelistv5
Published
2024-10-29 21:39
Modified
2025-04-25 12:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2024 < 2024.1.6 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8592",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:34.701094Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:01:34.310Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2024.1.6",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_lt:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD LT",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2024.1.6",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2024.1.6",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2024.1.6",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2024.1.6",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2024.1.6",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2024.1.6",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2024.1.6",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2024.1.6",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2024.1.6",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2024.1.6",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
}
],
"value": "A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T12:59:54.218Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0020"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD CATPART File Parsing Memory Corruption Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8592",
"datePublished": "2024-10-29T21:39:37.707Z",
"dateReserved": "2024-09-09T04:38:44.793Z",
"dateUpdated": "2025-04-25T12:59:54.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8598 (GCVE-0-2024-8598)
Vulnerability from cvelistv5
Published
2024-10-29 21:12
Modified
2025-04-25 20:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Autodesk | AutoCAD |
Version: 2025 < 2025.1.1 Version: 2024 < 2024.1.7 Version: 2023 < 2023.1.7 Version: 2022 < 2022.1.6 |
|||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8598",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T13:51:41.264504Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T15:02:15.403Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpe": [
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Architecture",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Electrical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MAP 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Mechanical",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD MEP",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "AutoCAD Plant 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Civil 3D",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
},
{
"cpe": [
"cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Advance Steel",
"vendor": "Autodesk",
"versions": [
{
"lessThan": "2025.1.1",
"status": "affected",
"version": "2025",
"versionType": "custom"
},
{
"lessThan": "2024.1.7",
"status": "affected",
"version": "2024",
"versionType": "custom"
},
{
"lessThan": "2023.1.7",
"status": "affected",
"version": "2023",
"versionType": "custom"
},
{
"lessThan": "2022.1.6",
"status": "affected",
"version": "2022",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.\u0026nbsp;"
}
],
"value": "A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process."
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-25T20:22:42.824Z",
"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"shortName": "autodesk"
},
"references": [
{
"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Autodesk AutoCAD ACTranslators STEP File Parsing Memory Corruption Code Execution Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
"assignerShortName": "autodesk",
"cveId": "CVE-2024-8598",
"datePublished": "2024-10-29T21:12:53.738Z",
"dateReserved": "2024-09-09T05:03:22.098Z",
"dateUpdated": "2025-04-25T20:22:42.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…