ByteOS Network

CVE-2024-7992

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.49%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:50

Updated-26 Aug, 2025 | 18:24

Autodesk AutoCAD DWG Stack-Based Buffer Overflow Code Execution Vulnerability

A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-7991

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.07%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:49

Updated-26 Aug, 2025 | 18:23

Autodesk AutoCAD DWG Out-of-Bounds Write Code Execution Vulnerability

A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-9997

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.08% / 25.02%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:45

Updated-26 Aug, 2025 | 18:41

Autodesk AutoCAD DWG File Parsing Memory Corruption Code Execution Vulnerability

A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-9996

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.08% / 25.02%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:45

Updated-26 Aug, 2025 | 18:40

Autodesk AutoCAD DWG File Parsing Out-Of-Bounds Write Code Execution Vulnerability

A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-9489

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.08% / 25.02%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:44

Updated-26 Aug, 2025 | 18:38

Autodesk AutoCAD DWG File Parsing Memory Corruption Code Execution Vulnerability

A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-8896

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.08% / 25.02%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:43

Updated-26 Aug, 2025 | 18:38

Autodesk AutoCAD DXF File Parsing Unitialized Variable Code Execution Vulnerability

A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-908

Use of Uninitialized Resource

CVE-2024-8592

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.08% / 25.02%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:39

Updated-26 Aug, 2025 | 18:32

Autodesk AutoCAD CATPART File Parsing Memory Corruption Code Execution Vulnerability

A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-9827

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.09% / 25.82%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:14

Updated-25 Apr, 2025 | 20:30

Autodesk AutoCAD ACTranslators CATPART File Parsing Out-Of-Bounds Read Vulnerability

A maliciously crafted CATPART file when parsed in CC5Dll.dll through Autodesk AutoCAD can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-9826

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.12% / 31.31%

||

7 Day CHG+0.01%

Published-29 Oct, 2024 | 21:14

Updated-26 Aug, 2025 | 18:39

Autodesk AutoCAD ACTranslators 3DM File Parsing Use-After-Free Code Execution Vulnerability

A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-416

Use After Free

CVE-2024-8600

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.09% / 25.82%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:14

Updated-26 Aug, 2025 | 18:37

A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-8599

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.09% / 25.82%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:13

Updated-26 Aug, 2025 | 18:36

Autodesk AutoCAD ACTranslators STP File Parsing Memory Corruption Code Execution Vulnerability

A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-8598

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.09% / 25.82%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:12

Updated-26 Aug, 2025 | 18:36

Autodesk AutoCAD ACTranslators STEP File Parsing Memory Corruption Code Execution Vulnerability

A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-8597

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.09% / 25.82%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:12

Updated-26 Aug, 2025 | 18:35

Autodesk AutoCAD STEP File Parsing Memory Corruption Code Execution Vulnerability

A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-8596

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.09% / 25.82%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:11

Updated-26 Aug, 2025 | 18:35

Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Code Execution Vulnerability

A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-8595

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.12% / 31.31%

||

7 Day CHG+0.01%

Published-29 Oct, 2024 | 21:10

Updated-26 Aug, 2025 | 18:34

Autodesk AutoCAD MODEL File Parsing Use-After-Free Code Execution Vulnerability

A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-416

Use After Free

CVE-2024-8594

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.09% / 25.82%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:09

Updated-26 Aug, 2025 | 18:34

Autodesk AutoCAD MODEL File Parsing Heap-based Buffer Overflow Code Execution Vulnerability

A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-8593

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.09% / 25.82%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:08

Updated-26 Aug, 2025 | 18:33

Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Code Execution Vulnerability

A maliciously crafted CATPART file, when parsed in ASMKERN230A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-8591

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.49%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:08

Updated-26 Aug, 2025 | 18:32

Autodesk AutoCAD 3DM File Parsing Heap-based Buffer Overflow Code Execution Vulnerability

A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-8590

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.12% / 31.31%

||

7 Day CHG+0.01%

Published-29 Oct, 2024 | 21:07

Updated-26 Aug, 2025 | 18:31

Autodesk AutoCAD 3DM File Parsing Use-After-Free Code Execution Vulnerability

A maliciously crafted 3DM file when parsed in atf_api.dll through Autodesk AutoCAD can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-416

Use After Free

CVE-2024-8589

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.09% / 25.82%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:07

Updated-26 Aug, 2025 | 18:29

Autodesk AutoCAD SLDPRT File Parsing Out-Of-Bounds Read Vulnerability

A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-8588

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.09% / 25.82%

||

7 Day CHG~0.00%

Published-29 Oct, 2024 | 21:06

Updated-26 Aug, 2025 | 18:28

Autodesk AutoCAD SLDPRT File Parsing Out-Of-Bounds Read Vulnerability

A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-125

Out-of-bounds Read

CVE-2024-36999

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.33% / 55.33%

||

7 Day CHG~0.00%

Published-25 Jun, 2024 | 03:33

Updated-26 Aug, 2025 | 18:15

Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products

A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-23158

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.28% / 50.81%

||

7 Day CHG~0.00%

Published-25 Jun, 2024 | 03:31

Updated-26 Aug, 2025 | 21:15

Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products

A maliciously crafted IGES file, when parsed in ASMImport229A.dll through Autodesk applications, can be used to cause a use-after-free vulnerability. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.

CWE ID-CWE-416

Use After Free

CVE-2024-23155

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.14% / 35.21%

||

7 Day CHG~0.00%

Published-25 Jun, 2024 | 03:28

Updated-26 Aug, 2025 | 20:47

Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products

A maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk applications, can be used to cause a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process.

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-37002

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.13% / 33.57%

||

7 Day CHG~0.00%

Published-25 Jun, 2024 | 03:07

Updated-26 Aug, 2025 | 17:57

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

CWE ID-CWE-457

Use of Uninitialized Variable

CWE ID-CWE-863

Incorrect Authorization

CVE-2024-23138

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.83% / 73.51%

||

7 Day CHG~0.00%

Published-17 Mar, 2024 | 23:56

Updated-26 Aug, 2025 | 21:15

Stack-based Overflow Vulnerability in the TrueViewTM Desktop Software

A maliciously crafted DWG file when parsed through Autodesk DWG TrueView can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-121

Stack-based Buffer Overflow

CVE-2024-23137

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-2.17% / 83.65%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 04:49

Updated-11 Apr, 2025 | 15:55

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted STP or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.

CWE ID-CWE-457

Use of Uninitialized Variable

CWE ID-CWE-908

Use of Uninitialized Resource

CVE-2024-23136

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.89% / 74.57%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 04:48

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

CWE ID-CWE-822

Untrusted Pointer Dereference

CVE-2024-23135

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-1.72% / 81.63%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 04:34

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted SLDPRT file in ASMkern228A.dll when parsed through Autodesk applications can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

CWE ID-CWE-416

Use After Free

CVE-2024-23134

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.97% / 75.64%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 04:27

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted IGS file in tbb.dll when parsed through Autodesk AutoCAD can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

CWE ID-CWE-416

Use After Free

CVE-2024-23133

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.26% / 49.24%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 04:11

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted STP file in ASMDATAX228A.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-23132

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.26% / 49.24%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 04:10

Updated-26 Aug, 2025 | 17:20

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted STP file in atf_dwg_consumer.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-23131

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.80% / 73.10%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 04:05

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll or ASMDATAX228A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-23130

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.80% / 73.10%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 03:33

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-23129

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.60% / 68.32%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 03:24

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-23128

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.69% / 70.91%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 03:18

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted MODEL file, when parsed in libodxdll.dll and ASMDATAX229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2024-23127

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.69% / 70.91%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 02:59

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted MODEL, SLDPRT, or SLDASM file, when parsed in ODXSW_DLL.dll and libodxdll.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-23126

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.30% / 52.71%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 02:25

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted CATPART file when parsed CC5Dll.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-23125

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.15% / 36.29%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 02:23

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted SLDPRT file when parsed ODXSW_DLL.dll through Autodesk applications can be used to cause a Stack-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-23124

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.92% / 74.96%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 02:14

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted STP file, when parsed in ASMIMPORT228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-23123

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.94% / 75.27%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 01:38

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted CATPART file, when parsed in CC5Dll.dll and ASMBASE228A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-23122

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.94% / 75.27%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 01:36

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-23121

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-1.08% / 76.96%

||

7 Day CHG~0.00%

Published-22 Feb, 2024 | 01:18

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-23120

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.81% / 73.20%

||

7 Day CHG~0.00%

Published-21 Feb, 2024 | 23:36

Updated-26 Aug, 2025 | 21:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted STP and STEP file, when parsed in ASMIMPORT228A.dll and ASMIMPORT229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2024-0446

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.34% / 56.24%

||

7 Day CHG~0.00%

Published-21 Feb, 2024 | 23:16

Updated-26 Aug, 2025 | 20:15

Multiple Vulnerabilities in the Autodesk AutoCAD Desktop Software

A maliciously crafted STP, CATPART or MODEL file, when parsed in ASMKERN228A.dll and ASMdatax229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-41140

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.08% / 23.46%

||

7 Day CHG~0.00%

Published-23 Nov, 2023 | 03:56

Updated-02 Aug, 2024 | 18:54

A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

Vendor-Autodesk Inc.

Product-autocad_advance_steel autocad_mechanical autocad_plant_3d autocad_map_3d autocad autocad_civil_3d autocad_electrical autocad_lt autocad_architecture autocad_mep AutoCAD, Advance Steel and Civil 3D

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-41139

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-7.8||HIGH

EPSS-0.06% / 17.10%

||

7 Day CHG~0.00%

Published-23 Nov, 2023 | 03:53

Updated-02 Aug, 2024 | 18:54

A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

Vendor-Autodesk Inc.

Product-autocad_advance_steel autocad_mechanical autocad_plant_3d autocad_map_3d autocad autocad_civil_3d autocad_electrical autocad_lt autocad_architecture autocad_mep AutoCAD, Advance Steel and Civil 3D

CWE ID-CWE-822

Untrusted Pointer Dereference

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2023-29076

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-9.8||CRITICAL

EPSS-0.30% / 52.58%

||

7 Day CHG~0.00%

Published-23 Nov, 2023 | 03:45

Updated-02 Dec, 2024 | 20:32

A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

Vendor-Autodesk Inc.

Product-autocad_advance_steel autocad_mechanical autocad_plant_3d autocad_map_3d autocad autocad_civil_3d autocad_electrical autocad_lt autocad_architecture autocad_mep AutoCAD, Advance Steel and Civil 3D

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2023-29075

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-9.8||CRITICAL

EPSS-0.31% / 53.79%

||

7 Day CHG~0.00%

Published-23 Nov, 2023 | 03:39

Updated-15 Oct, 2024 | 18:35

A maliciously crafted PRT file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

Vendor-Autodesk Inc.

Product-autocad_advance_steel autocad_mechanical autocad_plant_3d autocad_map_3d autocad autocad_civil_3d autocad_electrical autocad_lt autocad_architecture autocad_mep AutoCAD, Advance Steel and Civil 3D

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-29074

Assigner-Autodesk

View Details

Assigner-Autodesk

CVSS Score-9.8||CRITICAL

EPSS-0.31% / 53.79%

||

7 Day CHG~0.00%

Published-23 Nov, 2023 | 03:36

Updated-02 Aug, 2024 | 14:00

A maliciously crafted CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause an Out-Of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

Vendor-Autodesk Inc.

Product-autocad_advance_steel autocad_mechanical autocad_plant_3d autocad_map_3d autocad autocad_civil_3d autocad_electrical autocad_lt autocad_architecture autocad_mep AutoCAD, Advance Steel and Civil 3D

CWE ID-CWE-787

Out-of-bounds Write

autocad_advance_steel

Source -

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -