CVE-2024-23136

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

CVSS 7.8 HIGHEPSS 0.4%CWE-822

A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Produtos afetados

Autodesk · Advance Steel Autodesk · AutoCAD Autodesk · AutoCAD Architecture Autodesk · AutoCAD Electrical Autodesk · AutoCAD MAP 3D Autodesk · AutoCAD Mechanical Autodesk · AutoCAD MEP Autodesk · AutoCAD Plant 3D Autodesk · Civil 3D

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004