A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
01 Nov 2024, 16:18
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 - Vendor Advisory | |
First Time |
Autodesk
Autodesk autocad Mechanical Autodesk autocad Architecture Autodesk autocad Autodesk autocad Plant 3d Autodesk autocad Advance Steel Autodesk autocad Civil 3d Microsoft windows Autodesk autocad Electrical Microsoft Autodesk autocad Mep |
|
CPE | cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* |
|
CWE | CWE-787 |
01 Nov 2024, 12:57
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
29 Oct 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-29 22:15
Updated : 2024-11-01 16:18
NVD link : CVE-2024-8594
Mitre link : CVE-2024-8594
CVE.ORG link : CVE-2024-8594
JSON object : View
Products Affected
autodesk
- autocad_mechanical
- autocad_plant_3d
- autocad_architecture
- autocad_advance_steel
- autocad_civil_3d
- autocad_mep
- autocad_electrical
- autocad
microsoft
- windows