ГлавнаяУязвимости → CVE-2024-8592
7.8высокая

CVE-2024-8592

→ есть в БДУ: BDU:2024-09746 (на русском)
Описание (на английском; русское — в БДУ выше)

A maliciously crafted CATPART file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

Затрагиваемое ПО
Autodesk AutocadAutodesk Autocad advance steelAutodesk Autocad architectureAutodesk Autocad civil 3dAutodesk Autocad electricalAutodesk Autocad mechanicalAutodesk Autocad mepAutodesk Autocad plant 3dMicrosoft Windows
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0020