CVE Published: 22/02/2024 |
CVE Updated: 01/08/2024 |
CVE Year: 2024 Source: autodesk |
Vendor: Autodesk |
Product: AutoCAD, Advance Steel and Civil 3D Status : PUBLISHED
CVE-2024-23124 Description
A maliciously crafted STP file in ASMIMPORT228A.dll when parsed through Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.