Lucene search

K
cvelistAutodeskCVELIST:CVE-2024-23124
HistoryFeb 22, 2024 - 2:14 a.m.

CVE-2024-23124

2024-02-2202:14:25
CWE-787
autodesk
www.cve.org
malicious actor leverage
out-of-bound write
sensitive data

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.5%

A maliciously crafted STP file in ASMIMPORT228A.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CNA Affected

[
  {
    "defaultStatus": "unknown",
    "product": "AutoCAD, Advance Steel and Civil 3D",
    "vendor": "Autodesk",
    "versions": [
      {
        "status": "affected",
        "version": "2024, 2023, 2022, 2021"
      }
    ]
  }
]

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.5%

Related for CVELIST:CVE-2024-23124