A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
References
| Link | Resource |
|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
30 Nov 2023, 02:19
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
| CPE | cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:macos:*:* cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* |
|
| CWE | CWE-119 |
24 Nov 2023, 15:24
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-11-23 04:15
Updated : 2024-02-05 00:22
NVD link : CVE-2023-29076
Mitre link : CVE-2023-29076
CVE.ORG link : CVE-2023-29076
JSON object : View
Products Affected
autodesk
- autocad_lt
- autocad_civil_3d
- autocad
- autocad_plant_3d
- autocad_advance_steel
- autocad_map_3d
- autocad_architecture
- autocad_electrical
- autocad_mep
- autocad_mechanical
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer