cbcvebase.
CVE-2024-37008
published 2024-08-21

CVE-2024-37008: A maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. A malicious actor can leverage this vulnerability to execute…

high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

Affected

12 ranges
VendorProductVersion rangeFixed in
autodeskrevit
autodeskrevit
autodeskrevit
autodeskrevit
autodeskrevit>= 2022 < 2022.1.72022.1.7
autodeskrevit>= 2023 < 2023.1.52023.1.5
autodeskrevit>= 2024 < 2024.2.22024.2.2
autodeskrevit>= 2025 < 2025.12025.1
autodeskrevit_lt>= 2022 < 2022.1.72022.1.7
autodeskrevit_lt>= 2023 < 2023.1.52023.1.5
autodeskrevit_lt>= 2024 < 2024.2.22024.2.2
autodeskrevit_lt>= 2025 < 2025.12025.1