ГлавнаяУязвимости → CVE-2024-0446
7.8высокая

CVE-2024-0446

Описание

A maliciously crafted STP, CATPART or MODEL file, when parsed in ASMKERN228A.dll and ASMdatax229A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

Затрагиваемое ПО
Autodesk AutocadAutodesk Autocad architectureAutodesk Autocad electricalAutodesk Autocad mechanicalAutodesk Autocad mepAutodesk Autocad plant 3dAutodesk Civil 3dAutodesk Advance steelAutodesk Autocad map 3d
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009