A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018 | Vendor Advisory |
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 07:56
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018 - Vendor Advisory |
30 Nov 2023, 02:20
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 | |
References | () https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018 - Vendor Advisory | |
First Time |
Autodesk autocad Civil 3d
Autodesk autocad Architecture Autodesk autocad Electrical Autodesk Autodesk autocad Advance Steel Autodesk autocad Autodesk autocad Map 3d Autodesk autocad Lt Autodesk autocad Plant 3d Autodesk autocad Mep Autodesk autocad Mechanical |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CPE | cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:macos:*:* cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* |
23 Nov 2023, 04:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-23 04:15
Updated : 2024-11-21 07:56
NVD link : CVE-2023-29075
Mitre link : CVE-2023-29075
CVE.ORG link : CVE-2023-29075
JSON object : View
Products Affected
autodesk
- autocad_civil_3d
- autocad_advance_steel
- autocad_plant_3d
- autocad_electrical
- autocad_map_3d
- autocad
- autocad_mep
- autocad_architecture
- autocad_mechanical
- autocad_lt
CWE
CWE-787
Out-of-bounds Write