CVE-2024-23137: A maliciously crafted STP or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to uninitialized variables. This…

high7.8CVSS 3.1

AVLACLPRNUIRSUCHIHAH

A maliciously crafted STP or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.

Affected

45 ranges· showing 25

Vendor	Product	Version range	Fixed in
autodesk	advance_steel	>= 2021 < 2021.1.4	2021.1.4
autodesk	advance_steel	>= 2022 < 2022.1.4	2022.1.4
autodesk	advance_steel	>= 2023 < 2023.1.5	2023.1.5
autodesk	advance_steel	>= 2024 < 2024.1.3	2024.1.3
autodesk	advance_steel	>= 2025 < 2025.0.1	2025.0.1
autodesk	autocad	>= 2021 < 2021.1.4	2021.1.4
autodesk	autocad	>= 2022 < 2022.1.4	2022.1.4
autodesk	autocad	>= 2023 < 2023.1.5	2023.1.5
autodesk	autocad	>= 2024 < 2024.1.3	2024.1.3
autodesk	autocad	>= 2025 < 2025.0.1	2025.0.1
autodesk	autocad_architecture	>= 2021 < 2021.1.4	2021.1.4
autodesk	autocad_architecture	>= 2022 < 2022.1.4	2022.1.4
autodesk	autocad_architecture	>= 2023 < 2023.1.5	2023.1.5
autodesk	autocad_architecture	>= 2024 < 2024.1.3	2024.1.3
autodesk	autocad_architecture	>= 2025 < 2025.0.1	2025.0.1
autodesk	autocad_electrical	>= 2021 < 2021.1.4	2021.1.4
autodesk	autocad_electrical	>= 2022 < 2022.1.4	2022.1.4
autodesk	autocad_electrical	>= 2023 < 2023.1.5	2023.1.5
autodesk	autocad_electrical	>= 2024 < 2024.1.3	2024.1.3
autodesk	autocad_electrical	>= 2025 < 2025.0.1	2025.0.1
autodesk	autocad_map_3d	>= 2021 < 2021.1.4	2021.1.4
autodesk	autocad_map_3d	>= 2022 < 2022.1.4	2022.1.4
autodesk	autocad_map_3d	>= 2023 < 2023.1.5	2023.1.5
autodesk	autocad_map_3d	>= 2024 < 2024.1.3	2024.1.3
autodesk	autocad_map_3d	>= 2025 < 2025.0.1	2025.0.1