CVE-2024-37007

2024-06-2503:35:23

CWE-416

autodesk

github.com

maliciously crafted file

pskernel.dll

code execution

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

A maliciously crafted X_B and X_T file, when parsed in pskernel.DLL through Autodesk applications, can cause a use-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

CNA Affected

[
  {
    "vendor": "Autodesk",
    "product": "AutoCAD, Advance Steel and Civil 3D",
    "versions": [
      {
        "status": "affected",
        "version": "2024"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010