CVE-2023-29068

CWE-787Out-of-bounds Write3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 78.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
17
Autodesk AliasAutodesk AutocadAutodesk Autocad Advance Steel+14 more
Timeline
PublishedJun 27

Description

A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages18 packages

NVDautodesk/vred20232023.4
NVDautodesk/alias20232023.1.1
NVDautodesk/revit20212021.1.8
NVDautodesk/autocad20202020.1.6+3
NVDautodesk/inventor20212021.5+2

🔴Vulnerability Details

2
CVEList
CVE-2023-29068: A maliciously crafted file consumed through pskernel2023-06-27
GHSA
GHSA-fw27-7fvf-jgxv: A maliciously crafted file consumed through pskernel2023-06-27