7.8
CVE-2024-23129
- EPSS 0.4%
- Veröffentlicht 22.02.2024 04:15:08
- Zuletzt bearbeitet 31.12.2025 00:40:11
- Quelle psirt@autodesk.com
- CVE-Watchlists
- Unerledigt
Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software
A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Autodesk ≫ Autocad Architecture Version >= 2021 < 2021.1.4
Autodesk ≫ Autocad Architecture Version >= 2022 < 2022.1.4
Autodesk ≫ Autocad Architecture Version >= 2023 < 2023.1.5
Autodesk ≫ Autocad Architecture Version >= 2024 < 2024.1.3
Autodesk ≫ Autocad Architecture Version >= 2025 < 2025.0.1
Autodesk ≫ Autocad Electrical Version >= 2021 < 2021.1.4
Autodesk ≫ Autocad Electrical Version >= 2022 < 2022.1.4
Autodesk ≫ Autocad Electrical Version >= 2023 < 2023.1.5
Autodesk ≫ Autocad Electrical Version >= 2024 < 2024.1.3
Autodesk ≫ Autocad Electrical Version >= 2025 < 2025.0.1
Autodesk ≫ Autocad Mechanical Version >= 2021 < 2021.1.4
Autodesk ≫ Autocad Mechanical Version >= 2022 < 2022.1.4
Autodesk ≫ Autocad Mechanical Version >= 2023 < 2023.1.5
Autodesk ≫ Autocad Mechanical Version >= 2024 < 2024.1.3
Autodesk ≫ Autocad Mechanical Version >= 2025 < 2025.0.1
Autodesk ≫ Autocad Mep Version >= 2021 < 2021.1.4
Autodesk ≫ Autocad Mep Version >= 2022 < 2022.1.4
Autodesk ≫ Autocad Mep Version >= 2023 < 2023.1.5
Autodesk ≫ Autocad Mep Version >= 2024 < 2024.1.3
Autodesk ≫ Autocad Mep Version >= 2025 < 2025.0.1
Autodesk ≫ Autocad Plant 3d Version >= 2021 < 2021.1.4
Autodesk ≫ Autocad Plant 3d Version >= 2022 < 2022.1.4
Autodesk ≫ Autocad Plant 3d Version >= 2023 < 2023.1.5
Autodesk ≫ Autocad Plant 3d Version >= 2024 < 2024.1.3
Autodesk ≫ Autocad Plant 3d Version >= 2025 < 2025.0.1
Autodesk ≫ Advance Steel Version >= 2021 < 2021.1.4
Autodesk ≫ Advance Steel Version >= 2022 < 2022.1.4
Autodesk ≫ Advance Steel Version >= 2023 < 2023.1.5
Autodesk ≫ Advance Steel Version >= 2024 < 2024.1.3
Autodesk ≫ Advance Steel Version >= 2025 < 2025.0.1
Autodesk ≫ Autocad Map 3d Version >= 2021 < 2021.1.4
Autodesk ≫ Autocad Map 3d Version >= 2022 < 2022.1.4
Autodesk ≫ Autocad Map 3d Version >= 2023 < 2023.1.5
Autodesk ≫ Autocad Map 3d Version >= 2024 < 2024.1.3
Autodesk ≫ Autocad Map 3d Version >= 2025 < 2025.0.1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.4% | 0.317 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@autodesk.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009