A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
Configurations
Configuration 1 (hide)
| AND |
|
History
11 Apr 2025, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
|
03 Feb 2025, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
|
01 Nov 2024, 16:16
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-125 | |
| CPE | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* |
|
| References | () https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019 - Vendor Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| First Time |
Autodesk autocad Electrical
Microsoft windows Autodesk autocad Mep Autodesk Autodesk autocad Advance Steel Autodesk autocad Plant 3d Autodesk autocad Microsoft Autodesk autocad Civil 3d Autodesk autocad Mechanical Autodesk autocad Architecture |
29 Oct 2024, 22:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-10-29 22:15
Updated : 2025-04-11 17:15
NVD link : CVE-2024-8588
Mitre link : CVE-2024-8588
JSON object : View
Products Affected
autodesk
- autocad_mechanical
- autocad
- autocad_electrical
- autocad_plant_3d
- autocad_mep
- autocad_advance_steel
- autocad_civil_3d
- autocad_architecture
microsoft
- windows
CWE
CWE-125
Out-of-bounds Read