Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

Unknown

Privileges Required

Unknown

Attack Vector

Unknown

CVE-2024-23148

Disclosure Date: June 25, 2024 •

CVE-2024-23148

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

None

Impact Score:

Unknown

Exploitability Score:

Unknown

Vector:

Unknown

Attack Vector (AV):

Unknown

Attack Complexity (AC):

Unknown

Privileges Required (PR):

Unknown

User Interaction (UI):

Unknown

Scope (S):

Unknown

Confidentiality (C):

Unknown

Integrity (I):

Unknown

Availability (A):

Unknown

General Information

Offensive Application

Unknown

Utility Class

Unknown

Ports

Unknown

Vulnerable Versions

AutoCAD 2025.1

AutoCAD 2024.1.4

AutoCAD 2023.1.6

AutoCAD 2022.1.5

AutoCAD Architecture 2025.1

AutoCAD Architecture 2024.1.4

AutoCAD Architecture 2023.1.6

AutoCAD Architecture 2022.1.5

AutoCAD Electrical 2025.1

AutoCAD Electrical 2024.1.4

AutoCAD Electrical 2023.1.6

AutoCAD Electrical 2022.1.5

AutoCAD Mechanical 2025.1

AutoCAD Mechanical 2024.1.4

AutoCAD Mechanical 2023.1.6

AutoCAD Mechanical 2022.1.5

AutoCAD MEP 2025.1

AutoCAD MEP 2024.1.4

AutoCAD MEP 2023.1.6

AutoCAD MEP 2022.1.5

AutoCAD Plant 3D 2025.1

AutoCAD Plant 3D 2024.1.4

AutoCAD Plant 3D 2023.1.6

AutoCAD Plant 3D 2022.1.5

Civil 3D 2025.1

Civil 3D 2024.1.4

Civil 3D 2023.1.6

Civil 3D 2022.1.5

Advance Steel 2025.1

Advance Steel 2024.1.4

Advance Steel 2023.1.6

Advance Steel 2022.1.5

AutoCAD MAP 3D 2025.1

AutoCAD MAP 3D 2024.1.4

AutoCAD MAP 3D 2023.1.6

AutoCAD MAP 3D 2022.1.5

Prerequisites

Unknown

Discovered By

Unknown

PoC Author

Unknown

Metasploit Module

Unknown

Reporter

Unknown

Vendors

Autodesk

Products

References

Canonical

CVE-2024-23148 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23148)

Miscellaneous

https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009

Rapid7

Unknown

CVE-2024-23148

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2024-23148

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2024-23148

Unknown

Unknown

Unknown

Unknown

Unknown

CVE-2024-23148

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification