CVE-2023-29076

EUVD-2023-32679
A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
Affected Products (NVD)
VendorProductVersion
autodeskautocad
𝑥
< 2024.1
autodeskautocad
2023.0.0 ≤
𝑥
< 2023.1.4
autodeskautocad
2024.0.0 ≤
𝑥
< 2024.1.1
autodeskautocad_advance_steel
𝑥
< 2023.1.4
autodeskautocad_advance_steel
2024.0.0 ≤
𝑥
< 2024.1.1
autodeskautocad_architecture
𝑥
< 2023.1.4
autodeskautocad_architecture
2024.0.0 ≤
𝑥
< 2024.1.1
autodeskautocad_civil_3d
𝑥
< 2023.1.4
autodeskautocad_civil_3d
2024.0.0 ≤
𝑥
< 2024.1.1
autodeskautocad_electrical
𝑥
< 2023.1.4
autodeskautocad_electrical
2024.0.0 ≤
𝑥
< 2024.1.1
autodeskautocad_lt
𝑥
< 2023.1.4
autodeskautocad_lt
𝑥
< 2024.1
autodeskautocad_lt
2024.0.0 ≤
𝑥
< 2024.1.1
autodeskautocad_map_3d
𝑥
< 2023.1.4
autodeskautocad_map_3d
2024.0.0 ≤
𝑥
< 2024.1.1
autodeskautocad_mechanical
𝑥
< 2023.1.4
autodeskautocad_mechanical
2024.0.0 ≤
𝑥
< 2024.1.1
autodeskautocad_mep
𝑥
< 2023.1.4
autodeskautocad_mep
2024.0.0 ≤
𝑥
< 2024.1.1
autodeskautocad_plant_3d
𝑥
< 2023.1.4
autodeskautocad_plant_3d
2024.0.0 ≤
𝑥
< 2024.1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018