ГлавнаяУязвимости → CVE-2024-8587
7.8высокая

CVE-2024-8587

Описание

A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

Затрагиваемое ПО
Autodesk Advance steelAutodesk AutocadAutodesk Autocad architectureAutodesk Autocad electricalAutodesk Autocad mechanicalAutodesk Autocad mepAutodesk Autocad plant 3dAutodesk Civil 3d
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019