cbcvebase.
CVE-2024-23131
published 2024-02-22

CVE-2024-23131: A maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll or ASMDATAX228A.dll through Autodesk applications, can lead…

high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll or ASMDATAX228A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.

Affected

45 ranges· showing 25
VendorProductVersion rangeFixed in
autodeskadvance_steel>= 2021 < 2021.1.42021.1.4
autodeskadvance_steel>= 2022 < 2022.1.42022.1.4
autodeskadvance_steel>= 2023 < 2023.1.52023.1.5
autodeskadvance_steel>= 2024 < 2024.1.32024.1.3
autodeskadvance_steel>= 2025 < 2025.0.12025.0.1
autodeskautocad>= 2021 < 2021.1.42021.1.4
autodeskautocad>= 2022 < 2022.1.42022.1.4
autodeskautocad>= 2023 < 2023.1.52023.1.5
autodeskautocad>= 2024 < 2024.1.32024.1.3
autodeskautocad>= 2025 < 2025.0.12025.0.1
autodeskautocad_architecture>= 2021 < 2021.1.42021.1.4
autodeskautocad_architecture>= 2022 < 2022.1.42022.1.4
autodeskautocad_architecture>= 2023 < 2023.1.52023.1.5
autodeskautocad_architecture>= 2024 < 2024.1.32024.1.3
autodeskautocad_architecture>= 2025 < 2025.0.12025.0.1
autodeskautocad_electrical>= 2021 < 2021.1.42021.1.4
autodeskautocad_electrical>= 2022 < 2022.1.42022.1.4
autodeskautocad_electrical>= 2023 < 2023.1.52023.1.5
autodeskautocad_electrical>= 2024 < 2024.1.32024.1.3
autodeskautocad_electrical>= 2025 < 2025.0.12025.0.1
autodeskautocad_map_3d>= 2021 < 2021.1.42021.1.4
autodeskautocad_map_3d>= 2022 < 2022.1.42022.1.4
autodeskautocad_map_3d>= 2023 < 2023.1.52023.1.5
autodeskautocad_map_3d>= 2024 < 2024.1.32024.1.3
autodeskautocad_map_3d>= 2025 < 2025.0.12025.0.1