A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
References
| Link | Resource |
|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
30 Nov 2023, 15:48
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Autodesk autocad Civil 3d
Autodesk autocad Architecture Autodesk autocad Electrical Autodesk Autodesk autocad Advance Steel Autodesk autocad Autodesk autocad Map 3d Autodesk autocad Lt Autodesk autocad Plant 3d Autodesk autocad Mep Autodesk autocad Mechanical |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| CPE | cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:macos:*:* cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* |
|
| CWE | CWE-119 | |
| References | () https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018 - Vendor Advisory |
23 Nov 2023, 04:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-11-23 04:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-41139
Mitre link : CVE-2023-41139
CVE.ORG link : CVE-2023-41139
JSON object : View
Products Affected
autodesk
- autocad_plant_3d
- autocad_architecture
- autocad_advance_steel
- autocad
- autocad_map_3d
- autocad_electrical
- autocad_mep
- autocad_mechanical
- autocad_civil_3d
- autocad_lt