CVE-2024-23136 — Untrusted Pointer Dereference in Advance Steel
Severity
7.8HIGHNVD
EPSS
0.4%
top 41.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
PublishedFeb 22
Description
A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9