CVE-2024-23137

A maliciously crafted STP or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.

Published: Feb 22, 2024
Updated: Jun 26, 2024
CVE: CVE-2024-23137
Exploit:

No technical information available.

CWEs:

CWE-908

Affected Software
References

Software	From	Fixed in
autodesk / autocad	2021	2021.1.4
autodesk / autocad	2022	2022.1.4
autodesk / autocad	2023	2023.1.5
autodesk / autocad	2024	2024.1.3
autodesk / autocad	2025	2025.0.1
autodesk / autocad_architecture	2021	2021.1.4
autodesk / autocad_architecture	2022	2022.1.4
autodesk / autocad_architecture	2023	2023.1.5
autodesk / autocad_architecture	2024	2024.1.3
autodesk / autocad_architecture	2025	2025.0.1
autodesk / autocad_electrical	2021	2021.1.4
autodesk / autocad_electrical	2022	2022.1.4
autodesk / autocad_electrical	2023	2023.1.5
autodesk / autocad_electrical	2024	2024.1.3
autodesk / autocad_electrical	2025	2025.0.1
autodesk / autocad_mechanical	2021	2021.1.4
autodesk / autocad_mechanical	2022	2022.1.4
autodesk / autocad_mechanical	2023	2023.1.5
autodesk / autocad_mechanical	2024	2024.1.3
autodesk / autocad_mechanical	2025	2025.0.1
autodesk / autocad_mep	2021	2021.1.4
autodesk / autocad_mep	2022	2022.1.4
autodesk / autocad_mep	2023	2023.1.5
autodesk / autocad_mep	2024	2024.1.3
autodesk / autocad_mep	2025	2025.0.1
autodesk / autocad_plant_3d	2021	2021.1.4
autodesk / autocad_plant_3d	2022	2022.1.4
autodesk / autocad_plant_3d	2023	2023.1.5
autodesk / autocad_plant_3d	2024	2024.1.3
autodesk / autocad_plant_3d	2025	2025.0.1
autodesk / civil_3d	2021	2021.1.4
autodesk / civil_3d	2022	2022.1.4
autodesk / civil_3d	2023	2023.1.5
autodesk / civil_3d	2024	2024.1.3
autodesk / civil_3d	2025	2025.0.1
autodesk / advance_steel	2021	2021.1.4
autodesk / advance_steel	2022	2022.1.4
autodesk / advance_steel	2023	2023.1.5
autodesk / advance_steel	2024	2024.1.3
autodesk / advance_steel	2025	2025.0.1
autodesk / autocad_map_3d	2021	2021.1.4
autodesk / autocad_map_3d	2022	2022.1.4
autodesk / autocad_map_3d	2023	2023.1.5
autodesk / autocad_map_3d	2024	2024.1.3
autodesk / autocad_map_3d	2025	2025.0.1

Vulnerability Database

289,784

CVE-2024-23137