CVE-2024-23157: A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write…

high7.8CVSS 3.1

AVLACLPRNUIRSUCHIHAH

A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.

Affected

36 ranges· showing 25

Vendor	Product	Version range	Fixed in
autodesk	advance_steel	>= 2022 < 2022.1.5	2022.1.5
autodesk	advance_steel	>= 2023 < 2023.1.6	2023.1.6
autodesk	advance_steel	>= 2024 < 2024.1.5	2024.1.5
autodesk	advance_steel	>= 2025 < 2025.1	2025.1
autodesk	autocad	>= 2022 < 2022.1.5	2022.1.5
autodesk	autocad	>= 2023 < 2023.1.6	2023.1.6
autodesk	autocad	>= 2024 < 2024.1.5	2024.1.5
autodesk	autocad	>= 2025 < 2025.1	2025.1
autodesk	autocad_architecture	>= 2022 < 2022.1.5	2022.1.5
autodesk	autocad_architecture	>= 2023 < 2023.1.6	2023.1.6
autodesk	autocad_architecture	>= 2024 < 2024.1.5	2024.1.5
autodesk	autocad_architecture	>= 2025 < 2025.1	2025.1
autodesk	autocad_electrical	>= 2022 < 2022.1.5	2022.1.5
autodesk	autocad_electrical	>= 2023 < 2023.1.6	2023.1.6
autodesk	autocad_electrical	>= 2024 < 2024.1.5	2024.1.5
autodesk	autocad_electrical	>= 2025 < 2025.1	2025.1
autodesk	autocad_map_3d	>= 2022 < 2022.1.5	2022.1.5
autodesk	autocad_map_3d	>= 2023 < 2023.1.6	2023.1.6
autodesk	autocad_map_3d	>= 2024 < 2024.1.5	2024.1.5
autodesk	autocad_map_3d	>= 2025 < 2025.1	2025.1
autodesk	autocad_mechanical	>= 2022 < 2022.1.5	2022.1.5
autodesk	autocad_mechanical	>= 2023 < 2023.1.6	2023.1.6
autodesk	autocad_mechanical	>= 2024 < 2024.1.5	2024.1.5
autodesk	autocad_mechanical	>= 2025 < 2025.1	2025.1
autodesk	autocad_mep	>= 2022 < 2022.1.5	2022.1.5