A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 | Vendor Advisory |
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 | Vendor Advisory |
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004 | Vendor Advisory |
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004 | Vendor Advisory |
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 | Vendor Advisory |
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
Configuration 8 (hide)
|
Configuration 9 (hide)
|
History
11 Apr 2025, 15:56
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004 - Vendor Advisory | |
| References | () https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002 - Vendor Advisory | |
| References | () https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 - Vendor Advisory | |
| CWE | NVD-CWE-noinfo | |
| CPE | cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* |
|
| First Time |
Autodesk autocad Electrical
Autodesk advance Steel Autodesk autocad Architecture Autodesk autocad Map 3d Autodesk autocad Autodesk autocad Mep Autodesk civil 3d Autodesk Autodesk autocad Mechanical Autodesk autocad Plant 3d |
25 Jun 2024, 01:15
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. | |
| References |
|
18 Mar 2024, 00:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
|
| Summary | A maliciously crafted MODEL 3DM, STP or SLDASM files in opennurbs.dll when parsed through Autodesk AutoCAD could lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. |
22 Feb 2024, 04:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-02-22 04:15
Updated : 2025-04-11 15:56
NVD link : CVE-2024-23129
Mitre link : CVE-2024-23129
JSON object : View
Products Affected
autodesk
- autocad_mechanical
- autocad
- autocad_electrical
- advance_steel
- autocad_plant_3d
- autocad_mep
- civil_3d
- autocad_map_3d
- autocad_architecture
CWE