Lucene search
AutodeskVULNRICHMENT:CVE-2024-23136HistoryFeb 22, 2024 - 4:48 a.m.
CVE-2024-23136
2024-02-2204:48:25
CWE-822
autodesk
github.com
3
stp file
autodesk autocad
code execution
untrusted pointer
vulnerability
A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk AutoCAD can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
CNA Affected
[
{
"vendor": "Autodesk",
"product": "AutoCAD, Advance Steel and Civil 3D",
"versions": [
{
"status": "affected",
"version": "2024, 2023, 2022, 2021"
}
],
"defaultStatus": "unknown"
}
]ADP Affected
[
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_advance_steel:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_advance_steel:2025:*:*:*:*:*:*:*"
],
"vendor": "autodesk",
"product": "autocad_advance_steel",
"versions": [
{
"status": "affected",
"version": "2021",
"lessThan": "2021.1.4",
"versionType": "custom"
},
{
"status": "affected",
"version": "2022",
"lessThan": "2022.1.4",
"versionType": "custom"
},
{
"status": "affected",
"version": "2023",
"lessThan": "2023.1.5",
"versionType": "custom"
},
{
"status": "affected",
"version": "2024",
"lessThan": "2024.1.3",
"versionType": "custom"
},
{
"status": "affected",
"version": "2025",
"lessThan": "2025.0.1",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad_civil_3d:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad_civil_3d:2025:*:*:*:*:*:*:*"
],
"vendor": "autodesk",
"product": "autocad_civil_3d",
"versions": [
{
"status": "affected",
"version": "2021",
"lessThan": "2021.1.4",
"versionType": "custom"
},
{
"status": "affected",
"version": "2022",
"lessThan": "2022.1.4",
"versionType": "custom"
},
{
"status": "affected",
"version": "2023",
"lessThan": "2023.1.5",
"versionType": "custom"
},
{
"status": "affected",
"version": "2024",
"lessThan": "2024.1.3",
"versionType": "custom"
},
{
"status": "affected",
"version": "2025",
"lessThan": "2025.0.1",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:autodesk:autocad:2021:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
"cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*"
],
"vendor": "autodesk",
"product": "autocad",
"versions": [
{
"status": "affected",
"version": "2021",
"lessThan": "2021.1.4",
"versionType": "custom"
},
{
"status": "affected",
"version": "2022",
"lessThan": "2022.1.4",
"versionType": "custom"
},
{
"status": "affected",
"version": "2023",
"lessThan": "2023.1.5",
"versionType": "custom"
},
{
"status": "affected",
"version": "2024",
"lessThan": "2024.1.3",
"versionType": "custom"
},
{
"status": "affected",
"version": "2025",
"lessThan": "2025.0.1",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
nvd
nvd
CVE-2024-23136
2024-02-22 05:15:09
cvelist
cvelist
CVE-2024-23136
2024-02-22 04:48:25
prion
prion
Null pointer dereference
2024-02-22 05:15:00
zdi
zdi
cve
cve
CVE-2024-23136
2024-02-22 05:15:09
nessus
nessus
Autodesk Multiple Vulnerabilities (AutoCAD) (adsk-sa-2024-0004)
2024-03-28 00:00:00
AI Score
7.2
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2024-23136