First published: Tue Oct 29 2024(Updated: )
A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.
Credit: psirt@autodesk.com
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Any of | ||
AutoCAD | >=2025<2025.1.1 | |
Autodesk AutoCAD Advance Steel | >=2025<2025.1.1 | |
AutoCAD | >=2025<2025.1.1 | |
Autodesk Civil 3D | >=2025<2025.1.1 | |
AutoCAD | >=2025<2025.1.1 | |
AutoCAD | >=2025<2025.1.1 | |
AutoCAD | >=2025<2025.1.1 | |
AutoCAD | >=2025<2025.1.1 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-8588 is considered a high-severity vulnerability due to the potential for arbitrary code execution.
To fix CVE-2024-8588, update Autodesk AutoCAD to the latest version that addresses this vulnerability.
CVE-2024-8588 is triggered by maliciously crafted SLDPRT files when parsed in odxsw_dll.dll.
CVE-2024-8588 can lead to a crash, exposure of sensitive data, or execution of arbitrary code in the context of the current user.
CVE-2024-8588 affects Autodesk AutoCAD versions from 2025 to 2025.1.1.