{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-29067", "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "assignerShortName": "autodesk", "dateUpdated": "2024-08-02T14:00:14.999Z", "dateReserved": "2023-03-30T00:00:00", "datePublished": "2023-04-14T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "shortName": "autodesk", "dateUpdated": "2023-04-14T00:00:00"}, "descriptions": [{"lang": "en", "value": "A maliciously crafted X_B file when parsed through Autodesk\u00ae AutoCAD\u00ae 2023 could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process."}], "affected": [{"vendor": "n/a", "product": "Autodesk AutoCAD", "versions": [{"version": "2023", "status": "affected"}]}], "references": [{"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0005"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Memory Corruption Write"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T14:00:14.999Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0005", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2568A62-E5C4-490E-81F8-544415B928DC", "versionEndExcluding": "2023.1.3", "versionStartIncluding": "2023", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D94FD09-1B96-4778-BFAD-078C8B8501B5", "versionEndExcluding": "2023.1.3", "versionStartIncluding": "2023", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "matchCriteriaId": "299634F4-D72C-4DD2-9F51-7B2AD8A92798", "versionEndExcluding": "2023.1.3", "versionStartIncluding": "2023", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "D28E2A64-93A8-4421-94E8-05E080C8A342", "versionEndExcluding": "2023.1.3", "versionStartIncluding": "2023", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "matchCriteriaId": "C845EE8F-8DDA-4242-B5E1-91CEDEA163BD", "versionEndExcluding": "2023.1.3", "versionStartIncluding": "2023", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "matchCriteriaId": "A80FA213-D03D-426D-B271-25BF1BDA648E", "versionEndExcluding": "2023.1.3", "versionStartIncluding": "2023", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "18DD5427-3666-4D5E-9AB9-A0236F79181E", "versionEndExcluding": "2023.1.3", "versionStartIncluding": "2023", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "matchCriteriaId": "C22D3F40-E682-4871-B18F-E84829FBFB22", "versionEndExcluding": "2023.1.3", "versionStartIncluding": "2023", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "matchCriteriaId": "326B5CC6-1BFB-497B-863C-88874878449B", "versionEndExcluding": "2023.1.3", "versionStartIncluding": "2023", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "CAD08203-9B65-4141-A35E-3B9EACFE4B54", "versionEndExcluding": "2023.1.3", "versionStartIncluding": "2023", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A maliciously crafted X_B file when parsed through Autodesk\u00ae AutoCAD\u00ae 2023 could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process."}], "id": "CVE-2023-29067", "lastModified": "2023-04-20T15:32:06.377", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-04-14T19:15:09.237", "references": [{"source": "psirt@autodesk.com", "tags": ["Vendor Advisory"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0005"}], "sourceIdentifier": "psirt@autodesk.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}