Vulnerability Details CVE-2024-23140
A maliciously crafted 3DM and MODEL file, when parsed in opennurbs.dll and atf_api.dll through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.1%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2024-23140
-
cpe:2.3:a:autodesk:advance_steel:2022
-
cpe:2.3:a:autodesk:advance_steel:2022.0.1
-
cpe:2.3:a:autodesk:advance_steel:2022.1.2
-
cpe:2.3:a:autodesk:advance_steel:2022.1.4
-
cpe:2.3:a:autodesk:advance_steel:2023
-
cpe:2.3:a:autodesk:advance_steel:2023.1.5
-
cpe:2.3:a:autodesk:advance_steel:2024
-
cpe:2.3:a:autodesk:advance_steel:2024.1.3
-
cpe:2.3:a:autodesk:advance_steel:2025
-
cpe:2.3:a:autodesk:advance_steel:2025.0.1
-
cpe:2.3:a:autodesk:autocad:2022
-
cpe:2.3:a:autodesk:autocad:2022.0.1
-
cpe:2.3:a:autodesk:autocad:2022.1
-
cpe:2.3:a:autodesk:autocad:2022.1.2
-
cpe:2.3:a:autodesk:autocad:2022.1.4
-
cpe:2.3:a:autodesk:autocad:2023
-
cpe:2.3:a:autodesk:autocad:2023.1.5
-
cpe:2.3:a:autodesk:autocad:2024
-
cpe:2.3:a:autodesk:autocad:2024.1.3
-
cpe:2.3:a:autodesk:autocad:2025
-
cpe:2.3:a:autodesk:autocad:2025.0.1
-
cpe:2.3:a:autodesk:autocad_architecture:2022
-
cpe:2.3:a:autodesk:autocad_architecture:2022.0.1
-
cpe:2.3:a:autodesk:autocad_architecture:2022.1.2
-
cpe:2.3:a:autodesk:autocad_architecture:2022.1.4
-
cpe:2.3:a:autodesk:autocad_architecture:2023
-
cpe:2.3:a:autodesk:autocad_architecture:2023.1.5
-
cpe:2.3:a:autodesk:autocad_architecture:2024
-
cpe:2.3:a:autodesk:autocad_architecture:2024.1.3
-
cpe:2.3:a:autodesk:autocad_architecture:2025
-
cpe:2.3:a:autodesk:autocad_architecture:2025.0.1
-
cpe:2.3:a:autodesk:autocad_electrical:2022
-
cpe:2.3:a:autodesk:autocad_electrical:2022.0.1
-
cpe:2.3:a:autodesk:autocad_electrical:2022.1.2
-
cpe:2.3:a:autodesk:autocad_electrical:2022.1.4
-
cpe:2.3:a:autodesk:autocad_electrical:2023
-
cpe:2.3:a:autodesk:autocad_electrical:2023.1.5
-
cpe:2.3:a:autodesk:autocad_electrical:2024
-
cpe:2.3:a:autodesk:autocad_electrical:2024.1.3
-
cpe:2.3:a:autodesk:autocad_electrical:2025
-
cpe:2.3:a:autodesk:autocad_electrical:2025.0.1
-
cpe:2.3:a:autodesk:autocad_electrical:2025.0.2
-
cpe:2.3:a:autodesk:autocad_map_3d:2022
-
cpe:2.3:a:autodesk:autocad_map_3d:2022.0.1
-
cpe:2.3:a:autodesk:autocad_map_3d:2022.1.2
-
cpe:2.3:a:autodesk:autocad_map_3d:2022.1.4
-
cpe:2.3:a:autodesk:autocad_map_3d:2023
-
cpe:2.3:a:autodesk:autocad_map_3d:2023.1.5
-
cpe:2.3:a:autodesk:autocad_map_3d:2024
-
cpe:2.3:a:autodesk:autocad_map_3d:2024.1.3
-
cpe:2.3:a:autodesk:autocad_map_3d:2025
-
cpe:2.3:a:autodesk:autocad_map_3d:2025.0.1
-
cpe:2.3:a:autodesk:autocad_mechanical:2022
-
cpe:2.3:a:autodesk:autocad_mechanical:2022.0.1
-
cpe:2.3:a:autodesk:autocad_mechanical:2022.1.2
-
cpe:2.3:a:autodesk:autocad_mechanical:2022.1.4
-
cpe:2.3:a:autodesk:autocad_mechanical:2023
-
cpe:2.3:a:autodesk:autocad_mechanical:2023.1.5
-
cpe:2.3:a:autodesk:autocad_mechanical:2024
-
cpe:2.3:a:autodesk:autocad_mechanical:2024.1.3
-
cpe:2.3:a:autodesk:autocad_mechanical:2025
-
cpe:2.3:a:autodesk:autocad_mechanical:2025.0.1
-
cpe:2.3:a:autodesk:autocad_mep:2022
-
cpe:2.3:a:autodesk:autocad_mep:2022.0.1
-
cpe:2.3:a:autodesk:autocad_mep:2022.1.2
-
cpe:2.3:a:autodesk:autocad_mep:2022.1.4
-
cpe:2.3:a:autodesk:autocad_mep:2023
-
cpe:2.3:a:autodesk:autocad_mep:2023.1.5
-
cpe:2.3:a:autodesk:autocad_mep:2024
-
cpe:2.3:a:autodesk:autocad_mep:2024.1.3
-
cpe:2.3:a:autodesk:autocad_mep:2025
-
cpe:2.3:a:autodesk:autocad_mep:2025.0.1
-
cpe:2.3:a:autodesk:autocad_plant_3d:2022
-
cpe:2.3:a:autodesk:autocad_plant_3d:2022.0.1
-
cpe:2.3:a:autodesk:autocad_plant_3d:2022.1.2
-
cpe:2.3:a:autodesk:autocad_plant_3d:2022.1.4
-
cpe:2.3:a:autodesk:autocad_plant_3d:2023
-
cpe:2.3:a:autodesk:autocad_plant_3d:2023.1.5
-
cpe:2.3:a:autodesk:autocad_plant_3d:2024
-
cpe:2.3:a:autodesk:autocad_plant_3d:2024.1.3
-
cpe:2.3:a:autodesk:autocad_plant_3d:2025
-
cpe:2.3:a:autodesk:autocad_plant_3d:2025.0.1
-
cpe:2.3:a:autodesk:civil_3d:2022
-
cpe:2.3:a:autodesk:civil_3d:2022.0.1
-
cpe:2.3:a:autodesk:civil_3d:2022.1.1
-
cpe:2.3:a:autodesk:civil_3d:2022.1.2
-
cpe:2.3:a:autodesk:civil_3d:2022.1.4
-
cpe:2.3:a:autodesk:civil_3d:2023
-
cpe:2.3:a:autodesk:civil_3d:2023.1.5
-
cpe:2.3:a:autodesk:civil_3d:2024
-
cpe:2.3:a:autodesk:civil_3d:2024.1.3
-
cpe:2.3:a:autodesk:civil_3d:2025
-
cpe:2.3:a:autodesk:civil_3d:2025.0.1