CVE-2024-23132: A maliciously crafted STP file in atf_dwg_consumer.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access…

high7.8CVSS 3.1

AVLACLPRNUIRSUCHIHAH

A maliciously crafted STP file in atf_dwg_consumer.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

Affected

45 ranges· showing 25

Vendor	Product	Version range	Fixed in
autodesk	advance_steel	>= 2021 < 2021.1.4	2021.1.4
autodesk	advance_steel	>= 2022 < 2022.1.4	2022.1.4
autodesk	advance_steel	>= 2023 < 2023.1.5	2023.1.5
autodesk	advance_steel	>= 2024 < 2024.1.3	2024.1.3
autodesk	advance_steel	>= 2025 < 2025.0.1	2025.0.1
autodesk	autocad	>= 2021 < 2021.1.4	2021.1.4
autodesk	autocad	>= 2022 < 2022.1.4	2022.1.4
autodesk	autocad	>= 2023 < 2023.1.5	2023.1.5
autodesk	autocad	>= 2024 < 2024.1.3	2024.1.3
autodesk	autocad	>= 2025 < 2025.0.1	2025.0.1
autodesk	autocad_architecture	>= 2021 < 2021.1.4	2021.1.4
autodesk	autocad_architecture	>= 2022 < 2022.1.4	2022.1.4
autodesk	autocad_architecture	>= 2023 < 2023.1.5	2023.1.5
autodesk	autocad_architecture	>= 2024 < 2024.1.3	2024.1.3
autodesk	autocad_architecture	>= 2025 < 2025.0.1	2025.0.1
autodesk	autocad_electrical	>= 2021 < 2021.1.4	2021.1.4
autodesk	autocad_electrical	>= 2022 < 2022.1.4	2022.1.4
autodesk	autocad_electrical	>= 2023 < 2023.1.5	2023.1.5
autodesk	autocad_electrical	>= 2024 < 2024.1.3	2024.1.3
autodesk	autocad_electrical	>= 2025 < 2025.0.1	2025.0.1
autodesk	autocad_map_3d	>= 2021 < 2021.1.4	2021.1.4
autodesk	autocad_map_3d	>= 2022 < 2022.1.4	2022.1.4
autodesk	autocad_map_3d	>= 2023 < 2023.1.5	2023.1.5
autodesk	autocad_map_3d	>= 2024 < 2024.1.3	2024.1.3
autodesk	autocad_map_3d	>= 2025 < 2025.0.1	2025.0.1