First published: Tue Oct 29 2024(Updated: )
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
Credit: psirt@autodesk.com
Affected Software | Affected Version | How to fix |
---|---|---|
Autodesk Autocad | >=2025<2025.1.1 | |
Autodesk Autocad Advance Steel | >=2025<2025.1.1 | |
Autodesk AutoCAD Architecture | >=2025<2025.1.1 | |
Autodesk Autocad Civil 3d | >=2025<2025.1.1 | |
Autodesk AutoCAD Electrical | >=2025<2025.1.1 | |
Autodesk Autocad Lt | >=2025<2025.1.1 | |
Autodesk AutoCAD Mechanical | >=2025<2025.1.1 | |
Autodesk AutoCAD MEP | >=2025<2025.1.1 | |
Autodesk AutoCAD Plant 3D | >=2025<2025.1.1 | |
Autodesk Dwg Trueview | >=2025<2025.1.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.