CVE-2024-23123

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-23123
A maliciously crafted CATPART file in CC5Dll.dll or ASMBASE228A.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
CVSS

No CVSS.

References
Link Resource
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004
Configurations

No configuration.

History

13 Mar 2024, 03:15

Type Values Removed Values Added
Summary (en) A maliciously crafted CATPART file when parsed in CC5Dll.dll and ASMBASE228A.dll through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. (en) A maliciously crafted CATPART file in CC5Dll.dll or ASMBASE228A.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
References
  • () https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004 -

22 Feb 2024, 19:07

Type Values Removed Values Added
Summary
  • (es) Un archivo CATPART creado con fines malintencionados, cuando se analiza en CC5Dll.dll y ASMBASE228A.dll a través de Autodesk AutoCAD, puede forzar una escritura fuera de los límites. Un actor malintencionado puede aprovechar esta vulnerabilidad para provocar un bloqueo, escribir datos confidenciales o ejecutar código arbitrario en el contexto del proceso actual.

22 Feb 2024, 02:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-02-22 02:15

Updated : 2024-03-13 03:15

NVD link : CVE-2024-23123

Mitre link : CVE-2024-23123

CVE.ORG link : CVE-2024-23123

JSON object : View

Products Affected

No product.

CWE
CWE-787

Out-of-bounds Write