CVE-2023-29067

CVSS V2 None CVSS V3 None

Description

A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

Overview

CVE ID
CVE-2023-29067

Assigner
psirt@autodesk.com

Vulnerability Status
Analyzed

Published Version
2023-04-14T19:15:09

Last Modified Date
2023-04-20T15:32:06

Weakness Enumerations

CWE	URL
CWE-787	http://cwe.mitre.org/data/definitions/787.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:a:autodesk:autocad::::::::	1	OR	2023	2023.1.3
cpe:2.3:a:autodesk:autocad_advance_steel::::::::	1	OR	2023	2023.1.3
cpe:2.3:a:autodesk:autocad_architecture::::::::	1	OR	2023	2023.1.3
cpe:2.3:a:autodesk:autocad_civil_3d::::::::	1	OR	2023	2023.1.3
cpe:2.3:a:autodesk:autocad_electrical::::::::	1	OR	2023	2023.1.3
cpe:2.3:a:autodesk:autocad_lt::::::::	1	OR	2023	2023.1.3
cpe:2.3:a:autodesk:autocad_map_3d::::::::	1	OR	2023	2023.1.3
cpe:2.3:a:autodesk:autocad_mechanical::::::::	1	OR	2023	2023.1.3
cpe:2.3:a:autodesk:autocad_mep::::::::	1	OR	2023	2023.1.3
cpe:2.3:a:autodesk:autocad_plant_3d::::::::	1	OR	2023	2023.1.3

References

Reference URL	Reference Tags
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0005

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-29067
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29067

History

Created	Old Value	New Value	Data Type	Notes
2023-04-17 04:44:52				Added to TrackCVE
2023-04-19 17:01:15	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2023-04-20 16:00:55		2023-04-20T15:32:06	CVE Modified Date	updated
2023-04-20 16:00:55	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2023-04-20 16:00:56			Weakness Enumeration	new
2023-04-20 16:00:58			CPE Information	updated