6 matches found
CVE-2023-25003
CVE-2023-25003 affects Autodesk AutoCAD 2023 and Autodesk Maya 2022 via a malicious pskernel.dll that enables out-of-bounds read/write conditions, potentially leading to code execution. The issue is caused by a vulnerability in the pskernel.dll handling, with exploitation implied by references to...
CVE-2023-29068
CVE-2023-29068 : A maliciously crafted file consumed through the Autodesk pskernel.dll can cause memory corruption, which in conjunction with other vulnerabilities could lead to code execution in the context of the current process. The issue is associated with Autodesk products using pskernel.dll...
CVE-2014-2967
Autodesk VRED Pro 2014 (before SR1 SP8) is affected by an unauthenticated remote code execution via the built‑in web server’s Python API. An attacker can remotely execute arbitrary code by sending commands through the exposed Python API (using the os library) on the server (port 8888). Impact is ...
CVE-2023-25002
CVE-2023-25002 concerns a use-after-free vulnerability triggered by a malicious SKP file in Autodesk products. Affected software is Autodesk products that process SKP files (e.g., Autodesk 3ds Max, Navisworks, SKP-related components) per multiple sources in the Connected set. Root cause is a use-...
CVE-2024-7995
Autodesk VRED Design is affected by CVE-2024-7995, where a maliciously crafted binary file downloaded could exploit an untrusted search path to escalate privileges to NT AUTHORITY/SYSTEM, potentially enabling code execution. The condition is triggered by handling a downloaded binary within the VR...
CVE-2023-25004
CVE-2023-25004 involves a maliciously crafted pskernel.dll in Autodesk products that triggers an integer overflow vulnerability, potentially enabling code execution. Connected advisories document affected Autodesk components such as InfraWorks and VRED variants and describe exploitation possibili...