Vulnerability Details CVE-2024-7991
A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.8%
CVSS Severity
CVSS v3 Score 7.8
Products affected by CVE-2024-7991
-
cpe:2.3:a:autodesk:autocad:2025
-
cpe:2.3:a:autodesk:autocad:2025.0.1
-
cpe:2.3:a:autodesk:autocad:2025.01
-
cpe:2.3:a:autodesk:autocad:2025.1
-
cpe:2.3:a:autodesk:autocad_advance_steel:*
-
cpe:2.3:a:autodesk:autocad_architecture:2025
-
cpe:2.3:a:autodesk:autocad_architecture:2025.0.1
-
cpe:2.3:a:autodesk:autocad_civil_3d:*
-
cpe:2.3:a:autodesk:autocad_electrical:2025
-
cpe:2.3:a:autodesk:autocad_electrical:2025.0.1
-
cpe:2.3:a:autodesk:autocad_electrical:2025.0.2
-
cpe:2.3:a:autodesk:autocad_lt:*
-
cpe:2.3:a:autodesk:autocad_mechanical:2025
-
cpe:2.3:a:autodesk:autocad_mechanical:2025.0.1
-
cpe:2.3:a:autodesk:autocad_mep:2025
-
cpe:2.3:a:autodesk:autocad_mep:2025.0.1
-
cpe:2.3:a:autodesk:autocad_plant_3d:2025
-
cpe:2.3:a:autodesk:autocad_plant_3d:2025.0.1
-
cpe:2.3:a:autodesk:autocad_plant_3d:2025.1
-
cpe:2.3:a:autodesk:dwg_trueview:*