A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
Metrics
Affected Vendors & Products
References
History
Fri, 01 Nov 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Autodesk
Autodesk autocad Autodesk autocad Advance Steel Autodesk autocad Architecture Autodesk autocad Civil 3d Autodesk autocad Electrical Autodesk autocad Mechanical Autodesk autocad Mep Autodesk autocad Plant 3d Microsoft Microsoft windows |
|
Weaknesses | CWE-787 | |
CPEs | cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Autodesk
Autodesk autocad Autodesk autocad Advance Steel Autodesk autocad Architecture Autodesk autocad Civil 3d Autodesk autocad Electrical Autodesk autocad Mechanical Autodesk autocad Mep Autodesk autocad Plant 3d Microsoft Microsoft windows |
Wed, 30 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 29 Oct 2024 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |
Title | Autodesk AutoCAD STEP File Parsing Memory Corruption Code Execution Vulnerability | |
Weaknesses | CWE-119 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: autodesk
Published: 2024-10-29T21:12:24.663Z
Updated: 2024-10-30T15:02:24.584Z
Reserved: 2024-09-09T04:59:35.505Z
Link: CVE-2024-8597
Vulnrichment
Updated: 2024-10-30T14:02:30.772Z
NVD
Status : Analyzed
Published: 2024-10-29T22:15:07.703
Modified: 2024-11-01T16:17:52.607
Link: CVE-2024-8597
Redhat
No data.