Overview
- Description
- A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
- Source
- psirt@autodesk.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
CVE-2024-7994 Stack-Based Buffer Overflow in Autodesk Revit via Malicious RFA File A Stack-Based Buffer Overflow vulnerability is present in Autodesk Revit when processing a malicious RFA file. An attacker can us... https://t.co/zRd1P71irn
@VulmonFeeds
42 Impressions
1 Retweet
1 Like
1 Bookmark
0 Replies
0 Quotes
CVE-2024-7994 A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause … https://t.co/Se59mLTgce
@CVEnew
584 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A5391738-3303-45EE-9530-0EE27781B541",
"versionEndExcluding": "2024.3",
"versionStartIncluding": "2024"
},
{
"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A72AC7E-0FF8-4365-8FAB-17E805ECDC2F",
"versionEndExcluding": "2025.3",
"versionStartIncluding": "2025"
}
],
"operator": "OR"
}
]
}
]