CVE-2024-23134

Published Feb 22, 2024
Last updated 7 days ago
CVSS high 7.8
Overview

Description: A maliciously crafted IGS file in tbb.dll when parsed through Autodesk AutoCAD can be used in user-after-free vulnerability. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
Source: psirt@autodesk.com
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Secondary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity: HIGH
Weaknesses

psirt@autodesk.com: CWE-416
nvd@nist.gov: CWE-416
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "87CE995F-0A26-4A6B-ADAD-BD92DE041CC0",
            "versionEndExcluding": "2021.1.4",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE884173-F3DD-499F-BD76-30163694A4C8",
            "versionEndExcluding": "2022.1.4",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F731E320-ECF2-4475-A272-1F5001F69F6C",
            "versionEndExcluding": "2023.1.5",
            "versionStartIncluding": "2023"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E84F5F3-11EC-4F50-A876-82A3711B2887",
            "versionEndExcluding": "2024.1.3",
            "versionStartIncluding": "2024"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D2E7315F-F000-4259-9B22-19155ECFF63C",
            "versionEndExcluding": "2025.0.1",
            "versionStartIncluding": "2025"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3ECBFF29-3DF6-486F-AD72-96D27CC606CA",
            "versionEndExcluding": "2021.1.4",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E605F3C7-2CE6-47D2-9FD9-894F2DA6653B",
            "versionEndExcluding": "2022.1.4",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B0C6F22-AD34-47F3-BD17-44BDDBD1DF54",
            "versionEndExcluding": "2023.1.5",
            "versionStartIncluding": "2023"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "806EBADF-277C-45C8-95C8-9DDDC3A587F2",
            "versionEndExcluding": "2024.1.3",
            "versionStartIncluding": "2024"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84FA9407-98AC-4ABC-B406-76A9D324C070",
            "versionEndExcluding": "2025.0.1",
            "versionStartIncluding": "2025"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5833D3EE-E6F2-4F72-B66A-D1441E3A4F32",
            "versionEndExcluding": "2021.1.4",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EC7C7DA-1682-43FF-8515-2C5E6C9CC502",
            "versionEndExcluding": "2022.1.4",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A71C7E76-81BB-40C7-AE45-65E26651FA04",
            "versionEndExcluding": "2023.1.5",
            "versionStartIncluding": "2023"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B77DFA45-167C-453A-A543-16A4A51514B4",
            "versionEndExcluding": "2024.1.3",
            "versionStartIncluding": "2024"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EAD1ED0-0761-49CA-BAF0-2A4EB39FEEFD",
            "versionEndExcluding": "2025.0.1",
            "versionStartIncluding": "2025"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "770B3D64-582F-453E-A8CD-D2B655EEA3DF",
            "versionEndExcluding": "2021.1.4",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C12DA888-C72E-424A-9A66-2B72C3885022",
            "versionEndExcluding": "2022.1.4",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDA5C264-8E3E-4EB3-A586-BAF5076F9B5F",
            "versionEndExcluding": "2023.1.5",
            "versionStartIncluding": "2023"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7019B5E-D425-41CC-9F35-D4A92597BA6A",
            "versionEndExcluding": "2024.1.3",
            "versionStartIncluding": "2024"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0BECC47B-077B-4448-AB37-FDA334A1CDA9",
            "versionEndExcluding": "2025.0.1",
            "versionStartIncluding": "2025"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A16CEB16-2B44-4AF2-A0F4-497F30DC70CC",
            "versionEndExcluding": "2021.1.4",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BDB09F0-77AB-4177-9059-F67A7D2781A2",
            "versionEndExcluding": "2022.1.4",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94B704A0-03BB-4F75-8621-142FC2EB3F3F",
            "versionEndExcluding": "2023.1.5",
            "versionStartIncluding": "2023"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF2BDC5F-7710-4C2A-AF60-71F3A1E4B020",
            "versionEndExcluding": "2024.1.3",
            "versionStartIncluding": "2024"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "15E49672-CBD2-4052-AC01-F0B02AF94AAF",
            "versionEndExcluding": "2025.0.1",
            "versionStartIncluding": "2025"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEFE632B-569A-433B-96C1-FF87BD35F168",
            "versionEndExcluding": "2021.1.4",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93561E79-EBDF-4DE1-92F8-CF5764932523",
            "versionEndExcluding": "2022.1.4",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "798D132D-E71C-4C94-A2A4-B5ED222FE2A0",
            "versionEndExcluding": "2023.1.5",
            "versionStartIncluding": "2023"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4C1FC811-08B1-4C9D-B65D-7BACAC04A72C",
            "versionEndExcluding": "2024.1.3",
            "versionStartIncluding": "2024"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F745DE13-EA25-48E7-9DC0-8A11051D3DB1",
            "versionEndExcluding": "2025.0.1",
            "versionStartIncluding": "2025"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57C7AA10-6C8D-4CD7-8BBE-1B7069F9DC48",
            "versionEndExcluding": "2021.1.4",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5068B231-93C3-4CAF-A679-A87117016472",
            "versionEndExcluding": "2022.1.4",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5622C87-4585-4EBD-A868-95DF104C6B8F",
            "versionEndExcluding": "2023.1.5",
            "versionStartIncluding": "2023"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1930F6C-449E-481A-8E7E-48CF14FF4310",
            "versionEndExcluding": "2024.1.3",
            "versionStartIncluding": "2024"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F954159B-F922-4D0D-826D-A5390C94DFA2",
            "versionEndExcluding": "2025.0.1",
            "versionStartIncluding": "2025"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70BC67D3-9BB7-4882-ACF7-3866AB487555",
            "versionEndExcluding": "2021.1.4",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1FF491D7-280B-4DEE-B912-8677F62D3195",
            "versionEndExcluding": "2022.1.4",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B09BA7FD-4C04-4B7A-9824-19F918651A5B",
            "versionEndExcluding": "2023.1.5",
            "versionStartIncluding": "2023"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B55C95F-762E-4356-9A5C-83CFFC99A743",
            "versionEndExcluding": "2024.1.3",
            "versionStartIncluding": "2024"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "01723BB3-1692-41D5-9123-5FB17F8C44AD",
            "versionEndExcluding": "2025.0.1",
            "versionStartIncluding": "2025"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7169F2CB-58BB-46C2-883D-4FE3E66A4940",
            "versionEndExcluding": "2021.1.4",
            "versionStartIncluding": "2021"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4540CC32-0DDA-4483-A087-D95C3C610287",
            "versionEndExcluding": "2022.1.4",
            "versionStartIncluding": "2022"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB7AE2EA-96D5-47AE-A667-AFD5F57047B4",
            "versionEndExcluding": "2023.1.5",
            "versionStartIncluding": "2023"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E44032A-F590-43E0-92DF-5FD3E142E147",
            "versionEndExcluding": "2024.1.3",
            "versionStartIncluding": "2024"
          },
          {
            "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "407362FB-1FC4-4B78-843B-C64539AEE7F9",
            "versionEndExcluding": "2025.0.1",
            "versionStartIncluding": "2025"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References
