V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
CVE-2023-29076
CVE
Critical

A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption v…

CVSS
9.8
Critical
EPSS
0.01
p56
Published
2023-01-01
Updated
2023-01-01
Description

A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

Tags · CWE
RCEPre-auth
CWE-119
CAPEC-8
CAPEC-9
CAPEC-10
CAPEC-14
CAPEC-24
CAPEC-42
CAPEC-44
CAPEC-45
CAPEC-46
CAPEC-47
CAPEC-100
CAPEC-123
Affected products
Autocad < 2024.1Autocad 2023.0.0–2023.1.4Autocad 2024.0.0–2024.1.1Autocad_advance_steel < 2023.1.4Autocad_advance_steel 2024.0.0–2024.1.1Autocad_architecture < 2023.1.4Autocad_architecture 2024.0.0–2024.1.1Autocad_civil_3d < 2023.1.4Autocad_civil_3d 2024.0.0–2024.1.1Autocad_electrical < 2023.1.4Autocad_electrical 2024.0.0–2024.1.1Autocad_lt < 2023.1.4Autocad_lt < 2024.1Autocad_lt 2024.0.0–2024.1.1Autocad_map_3d < 2023.1.4Autocad_map_3d 2024.0.0–2024.1.1Autocad_mechanical < 2023.1.4Autocad_mechanical 2024.0.0–2024.1.1Autocad_mep < 2023.1.4Autocad_mep 2024.0.0–2024.1.1Autocad_plant_3d < 2023.1.4Autocad_plant_3d 2024.0.0–2024.1.1
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Timeline
2023-01-01
Published
2023-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: L
Low (L)
Privileges Required
PR: N
None (N)
User Interaction
UI: N
None (N)
Scope
S: U
Unchanged (U)
Confidentiality Impact
C: H
High (H)
Integrity Impact
I: H
High (H)
Availability Impact
A: H
High (H)
Exploit indicators
EPSS
0.010 · p56
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Autodesk
AutocadAutocad ElectricalAutocad MechanicalAutocad ArchitectureAutocad MepAutocad Plant 3dAutocad Map 3dAutocad LtAutocad Civil 3dAutocad Advance Steel
ProductVendorStatus
autocad*Tracked
autocad_advance_steel*Tracked
autocad_architecture*Tracked
autocad_civil_3d*Tracked
autocad_electrical*Tracked
autocad_lt*Tracked
autocad_map_3d*Tracked
autocad_mechanical*Tracked
autocad_mep*Tracked
autocad_plant_3d*Tracked
Source databases
CVE
Related vulnerabilities
BDU:2023-06043