CVE-2023-29076
Severity CVSS v4.0:
Pending analysis
Type:
CWE-119
Buffer Errors
Publication date:
23/11/2023
Last modified:
30/11/2023
Description
A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.<br />
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:autodesk:autocad:*:*:*:*:*:macos:*:* | 2024.1 (excluding) | |
| cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* | 2023.0.0 (including) | 2023.1.4 (excluding) |
| cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* | 2024.0.0 (including) | 2024.1.1 (excluding) |
| cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* | 2023.1.4 (excluding) | |
| cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* | 2024.0.0 (including) | 2024.1.1 (excluding) |
| cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* | 2023.1.4 (excluding) | |
| cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* | 2024.0.0 (including) | 2024.1.1 (excluding) |
| cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* | 2023.1.4 (excluding) | |
| cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* | 2024.0.0 (including) | 2024.1.1 (excluding) |
| cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* | 2023.1.4 (excluding) | |
| cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* | 2024.0.0 (including) | 2024.1.1 (excluding) |
| cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* | 2023.1.4 (excluding) | |
| cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:* | 2024.1 (excluding) | |
| cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* | 2024.0.0 (including) | 2024.1.1 (excluding) |
| cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* | 2023.1.4 (excluding) |
To consult the complete list of CPE names with products and versions, see this page