{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-41139", "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "state": "PUBLISHED", "assignerShortName": "autodesk", "dateReserved": "2023-08-23T17:55:48.799Z", "datePublished": "2023-11-23T03:53:09.761Z", "dateUpdated": "2024-08-02T18:54:03.927Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "product": "AutoCAD, Advance Steel and Civil 3D", "vendor": "Autodesk", "versions": [{"status": "affected", "version": "2024, 2023"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.</span><br>"}], "value": "A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.\n"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-822", "description": "CWE-822: Untrusted Pointer Dereference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7e40ea87-bc65-4944-9723-dd79dd760601", "shortName": "autodesk", "dateUpdated": "2023-11-23T03:53:09.761Z"}, "references": [{"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:54:03.927Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:macos:*:*", "matchCriteriaId": "A383FEED-E3E3-405E-B68F-BFD7CCA9E6B8", "versionEndExcluding": "2024.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "matchCriteriaId": "C53280C1-2A72-455E-965C-06613E469420", "versionEndExcluding": "2023.1.4", "versionStartIncluding": "2023.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:*", "matchCriteriaId": "417B7F6E-18F2-4020-84B4-55191714504F", "versionEndExcluding": "2024.1.1", "versionStartIncluding": "2024.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3C1B51F8-FACC-422B-AB62-571C8534279C", "versionEndExcluding": "2023.1.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5D5A59C7-068D-4F8D-95ED-B7A5F2AA55F8", "versionEndExcluding": "2024.1.1", "versionStartIncluding": "2024.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "matchCriteriaId": "3524F041-03B7-46A6-AB92-4AA59DD79903", "versionEndExcluding": "2023.1.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*", "matchCriteriaId": "4036CA65-3E98-43B5-95D4-7AC1E5345664", "versionEndExcluding": "2024.1.1", "versionStartIncluding": "2024.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0DE2E5C-0C3B-4E25-B380-ABFBFC34B9D9", "versionEndExcluding": "2023.1.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "982AD391-3D1B-4923-97A5-B2AA41BE2CAC", "versionEndExcluding": "2024.1.1", "versionStartIncluding": "2024.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "matchCriteriaId": "80BDD7F9-1D15-4D35-9726-C931BCEE5F05", "versionEndExcluding": "2023.1.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*", "matchCriteriaId": "77484E5B-F84E-472E-B151-53FF2667C783", "versionEndExcluding": "2024.1.1", "versionStartIncluding": "2024.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "matchCriteriaId": "96B75F1C-FFBB-4B13-8F05-4D7B26F4C58C", "versionEndExcluding": "2023.1.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:*", "matchCriteriaId": "D5B21F42-E57A-4501-A2BE-6F99122BCBFC", "versionEndExcluding": "2024.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:*", "matchCriteriaId": "2225348E-5552-492C-A2DB-C5693516019C", "versionEndExcluding": "2024.1.1", "versionStartIncluding": "2024.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "5B450512-9CB3-4CAF-B90C-1EE0194CA665", "versionEndExcluding": "2023.1.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "2A778F8B-9BB9-4B7A-81B1-DCEDCB493408", "versionEndExcluding": "2024.1.1", "versionStartIncluding": "2024.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "matchCriteriaId": "049B25B6-08E3-4D3D-8E7B-3724B53063F0", "versionEndExcluding": "2023.1.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*", "matchCriteriaId": "7A8BF172-C18C-40D3-8917-6C33D0144D3E", "versionEndExcluding": "2024.1.1", "versionStartIncluding": "2024.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC4656EC-02E1-41DF-8FEA-668DE950FA79", "versionEndExcluding": "2023.1.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*", "matchCriteriaId": "67E135A2-2C3E-4550-B239-3013C7FA586A", "versionEndExcluding": "2024.1.1", "versionStartIncluding": "2024.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "AFDAEB3D-CDF1-4E2F-B1D5-6D4140E8A65C", "versionEndExcluding": "2023.1.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*", "matchCriteriaId": "5CB26133-E6B9-4D0C-9A58-F564FFB11EF3", "versionEndExcluding": "2024.1.1", "versionStartIncluding": "2024.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.\n"}, {"lang": "es", "value": "Un archivo STP creado con fines malintencionados, cuando se analiza mediante Autodesk AutoCAD 2024 y 2023, se puede utilizar para eliminar la referencia a un puntero que no es de confianza. Esta vulnerabilidad, junto con otras vulnerabilidades, podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo en el proceso actual."}], "id": "CVE-2023-41139", "lastModified": "2024-11-21T08:20:39.620", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-23T04:15:07.467", "references": [{"source": "psirt@autodesk.com", "tags": ["Vendor Advisory"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018"}], "sourceIdentifier": "psirt@autodesk.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-822"}], "source": "psirt@autodesk.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}