CVE-2024-37002

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

CVSS 7.8 HIGHEPSS 0.4%CWE-457

A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Autodesk · Advance Steel Autodesk · AutoCAD Autodesk · AutoCAD Architecture Autodesk · AutoCAD Electrical Autodesk · AutoCAD MAP 3D Autodesk · AutoCAD Mechanical Autodesk · AutoCAD MEP Autodesk · AutoCAD Plant 3D Autodesk · Civil 3D

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009