Lucene search

K
nessusThis script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.AUTODESK_INFRAWORKS_ADSK-SA-2023-0009.NASL
HistoryJun 01, 2023 - 12:00 a.m.

Autodesk PSKernel Out-of-bounds Read/Write (InfraWorks) (adsk-sa-2023-0009)

2023-06-0100:00:00
This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
8
autodesk infraworks
pskernel.dll
integer overflow
memory corruption
code execution
cve-2023-25004
cve-2023-29068
nessus
windows host

EPSS

0.001

Percentile

23.4%

The version of Autodesk InfraWorks installed on the remote Windows host is version 2021.x prior to 2021.2, 2022.x prior to 2022.1 or 2023.x prior to 2023.0. It is, therefore, affected by multiple vulnerabilities.

  • A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution. (CVE-2023-25004)

  • A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process. (CVE-2023-29068)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(176547);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2023/10/23");

  script_cve_id("CVE-2023-25004", "CVE-2023-29068");
  script_xref(name:"IAVA", value:"2023-A-0258");

  script_name(english:"Autodesk PSKernel Out-of-bounds Read/Write (InfraWorks) (adsk-sa-2023-0009)");

  script_set_attribute(attribute:"synopsis", value:
"An application installed on the remote Windows host is affected by an out-of-bounds read/write vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of Autodesk InfraWorks installed on the remote Windows host is version 2021.x prior to 2021.2, 2022.x prior
to 2022.1 or 2023.x prior to 2023.0. It is, therefore, affected by multiple vulnerabilities.

  - A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow
  vulnerabilities. Exploitation of these vulnerabilities may lead to code execution. (CVE-2023-25004)

  - A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption
  vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code
  execution in the context of the current process. (CVE-2023-29068)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009");
  script_set_attribute(attribute:"solution", value:
"Upgrade to InfraWorks version 2021.2, 2022.1, 2023.0 or later.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-29068");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/04/23");
  script_set_attribute(attribute:"patch_publication_date", value:"2023/04/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2023/06/01");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:autodesk:infraworks");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("autodesk_infraworks_win_installed.nbin");
  script_require_keys("installed_sw/InfraWorks", "SMB/Registry/Enumerated");

  exit(0);
}

include('vcf.inc');
get_kb_item_or_exit('SMB/Registry/Enumerated');

var app_info = vcf::get_app_info(app:'InfraWorks', win_local:TRUE);

var constraints = [
  { 'min_version' : '21.0', 'fixed_version' : '21.2.15.0' }, # 2021.2
  { 'min_version' : '22.0', 'fixed_version' : '22.1.0.16' }, # 2022.1
  { 'min_version' : '23.0', 'fixed_version' : '23.1.0.18'}  # 2023.1
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);
VendorProductVersionCPE
autodeskinfraworkscpe:/a:autodesk:infraworks

EPSS

0.001

Percentile

23.4%

Related for AUTODESK_INFRAWORKS_ADSK-SA-2023-0009.NASL