cbcvebase.
CVE-2024-23120
published 2024-02-22

CVE-2024-23120: A maliciously crafted STP and STEP file, when parsed in ASMIMPORT228A.dll and ASMIMPORT229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write…

high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A maliciously crafted STP and STEP file, when parsed in ASMIMPORT228A.dll and ASMIMPORT229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

Affected

45 ranges· showing 25
VendorProductVersion rangeFixed in
autodeskadvance_steel>= 2021 < 2021.1.42021.1.4
autodeskadvance_steel>= 2022 < 2022.1.42022.1.4
autodeskadvance_steel>= 2023 < 2023.1.52023.1.5
autodeskadvance_steel>= 2024 < 2024.1.32024.1.3
autodeskadvance_steel>= 2025 < 2025.0.12025.0.1
autodeskautocad>= 2021 < 2021.1.42021.1.4
autodeskautocad>= 2022 < 2022.1.42022.1.4
autodeskautocad>= 2023 < 2023.1.52023.1.5
autodeskautocad>= 2024 < 2024.1.32024.1.3
autodeskautocad>= 2025 < 2025.0.12025.0.1
autodeskautocad_architecture>= 2021 < 2021.1.42021.1.4
autodeskautocad_architecture>= 2022 < 2022.1.42022.1.4
autodeskautocad_architecture>= 2023 < 2023.1.52023.1.5
autodeskautocad_architecture>= 2024 < 2024.1.32024.1.3
autodeskautocad_architecture>= 2025 < 2025.0.12025.0.1
autodeskautocad_electrical>= 2021 < 2021.1.42021.1.4
autodeskautocad_electrical>= 2022 < 2022.1.42022.1.4
autodeskautocad_electrical>= 2023 < 2023.1.52023.1.5
autodeskautocad_electrical>= 2024 < 2024.1.32024.1.3
autodeskautocad_electrical>= 2025 < 2025.0.12025.0.1
autodeskautocad_map_3d>= 2021 < 2021.1.42021.1.4
autodeskautocad_map_3d>= 2022 < 2022.1.42022.1.4
autodeskautocad_map_3d>= 2023 < 2023.1.52023.1.5
autodeskautocad_map_3d>= 2024 < 2024.1.32024.1.3
autodeskautocad_map_3d>= 2025 < 2025.0.12025.0.1