Autodesk Autocad Mechanical vulnerabilities

CVE-2025-1652 [HIGH] CWE-125 CVE-2025-1652: A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds R A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-1430 [HIGH] CWE-120 CVE-2025-1430: A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory Corrupti A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

CVE-2025-1432 [HIGH] CWE-416 CVE-2025-1432: A maliciously crafted 3DM file, when parsed through Autodesk AutoCAD, can force a Use-After-Free vul A maliciously crafted 3DM file, when parsed through Autodesk AutoCAD, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-1433 [HIGH] CWE-125 CVE-2025-1433: A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds R A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-1429 [HIGH] CWE-122 CVE-2025-1429: A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overf A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-1651 [HIGH] CWE-122 CVE-2025-1651: A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overf A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-9997 [HIGH] CWE-120 CVE-2024-9997: A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-8599 [HIGH] CWE-119 CVE-2024-8599: A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-9489 [HIGH] CWE-119 CVE-2024-9489: A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory C A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-8588 [HIGH] CWE-125 CVE-2024-8588: A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-8587 [HIGH] CWE-122 CVE-2024-8587: A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-8594 [HIGH] CWE-122 CVE-2024-8594: A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a H A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-9826 [HIGH] CWE-416 CVE-2024-9826: A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-A A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-7992 [HIGH] CWE-121 CVE-2024-7992: A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based produ A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-8600 [HIGH] CWE-119 CVE-2024-8600: A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-9996 [HIGH] CWE-787 CVE-2024-9996: A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CVE-2024-8591 [HIGH] CWE-122 CVE-2024-8591: A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-9827 [HIGH] CWE-125 CVE-2024-9827: A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force an O A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-8589 [HIGH] CWE-125 CVE-2024-8589: A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-8590 [HIGH] CWE-416 CVE-2024-8590: A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-A A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.