CVE-2024-23136

A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...

CVE-2024-23147

A maliciously crafted CATPART, XB and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the...

Autodesk Multiple Vulnerabilities (AutoCAD) (adsk-sa-2024-0009)

The version of Autodesk AutoCAD installed on the remote Windows host is a version prior to 2024.1.4. It is, therefore, affected by multiple vulnerabilities: - A maliciously crafted STP, CATPART or MODEL file in ASMKERN228A.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write. ...

CVE-2024-23135

A maliciously crafted SLDPRT file in ASMkern228A.dll when parsed through Autodesk applications can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...

CVE-2024-23136

A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...

CVE-2024-23136

Autodesk AutoCAD is affected by CVE-2024-23136 due to a malicious STP file parsed by ASMKERN228A.dll that can cause a dereference of an untrusted pointer, potentially enabling code execution in the current process. The CVSS indicates local access, no privileges required, user interaction required...

CVE-2024-23136 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...

CVE-2024-23135 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted SLDPRT file in ASMkern228A.dll when parsed through Autodesk applications can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...

CVE-2024-23135 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted SLDPRT file in ASMkern228A.dll when parsed through Autodesk applications can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...

Memory corruption

A maliciously crafted STP file in ASMKERN228A.dll or ASMDATAX228A.dll when parsed through Autodesk AutoCAD could lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the...

CVE-2024-23131

Autodesk AutoCAD STP file parsing memory corruption vulnerability leading to remote code execution. The issue occurs when parsing STP files, with the memory corruption exploitable to run code in the current process. Descriptions from ZDI advisories confirm a remote code execution condition requir...

CVE-2024-23131 Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll or ASMDATAX228A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to...

CVE-2024-0446

A maliciously crafted STP, CATPART or MODEL file, when parsed in ASMKERN228A.dll and ASMdatax229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in t...

Autodesk AutoCAD Buffer Error Vulnerability

Autodesk AutoCAD is a suite of professional 3D drawing software from Autodesk, Inc. Autodesk AutoCAD suffers from a buffer error vulnerability that originates from an out-of-bounds write vulnerability when parsing a maliciously compiled STP, CATPART or MODEL file in ASMKERN228A.dll. An attacker...