CVE-2024-23129

A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.

Published: Feb 22, 2024
Updated: Jun 26, 2024
CVE: CVE-2024-23129
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
autodesk / autocad	2021	2021.1.4
autodesk / autocad	2022	2022.1.4
autodesk / autocad	2023	2023.1.5
autodesk / autocad	2024	2024.1.3
autodesk / autocad	2025	2025.0.1
autodesk / autocad_architecture	2021	2021.1.4
autodesk / autocad_architecture	2022	2022.1.4
autodesk / autocad_architecture	2023	2023.1.5
autodesk / autocad_architecture	2024	2024.1.3
autodesk / autocad_architecture	2025	2025.0.1
autodesk / autocad_electrical	2021	2021.1.4
autodesk / autocad_electrical	2022	2022.1.4
autodesk / autocad_electrical	2023	2023.1.5
autodesk / autocad_electrical	2024	2024.1.3
autodesk / autocad_electrical	2025	2025.0.1
autodesk / autocad_mechanical	2021	2021.1.4
autodesk / autocad_mechanical	2022	2022.1.4
autodesk / autocad_mechanical	2023	2023.1.5
autodesk / autocad_mechanical	2024	2024.1.3
autodesk / autocad_mechanical	2025	2025.0.1
autodesk / autocad_mep	2021	2021.1.4
autodesk / autocad_mep	2022	2022.1.4
autodesk / autocad_mep	2023	2023.1.5
autodesk / autocad_mep	2024	2024.1.3
autodesk / autocad_mep	2025	2025.0.1
autodesk / autocad_plant_3d	2021	2021.1.4
autodesk / autocad_plant_3d	2022	2022.1.4
autodesk / autocad_plant_3d	2023	2023.1.5
autodesk / autocad_plant_3d	2024	2024.1.3
autodesk / autocad_plant_3d	2025	2025.0.1
autodesk / civil_3d	2021	2021.1.4
autodesk / civil_3d	2022	2022.1.4
autodesk / civil_3d	2023	2023.1.5
autodesk / civil_3d	2024	2024.1.3
autodesk / civil_3d	2025	2025.0.1
autodesk / advance_steel	2021	2021.1.4
autodesk / advance_steel	2022	2022.1.4
autodesk / advance_steel	2023	2023.1.5
autodesk / advance_steel	2024	2024.1.3
autodesk / advance_steel	2025	2025.0.1
autodesk / autocad_map_3d	2021	2021.1.4
autodesk / autocad_map_3d	2022	2022.1.4
autodesk / autocad_map_3d	2023	2023.1.5
autodesk / autocad_map_3d	2024	2024.1.3
autodesk / autocad_map_3d	2025	2025.0.1

Vulnerability Database

289,697

CVE-2024-23129