Описание
A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash,read sensitive data, or execute arbitrary code in the context of the current process.
Затрагиваемое ПО
Autodesk Advance steelAutodesk Civil 3dAutodesk Autocad plant 3dAutodesk Autocad mepAutodesk Autocad mechanicalAutodesk Autocad map 3dAutodesk Autocad electricalAutodesk Autocad architectureAutodesk Autocad
CVSS
| Балл | 7.8 — высокая |
| Вектор | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Источники
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009