CVE-2024-7991 | THREATINT

Description

A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

Reserved 2024-08-19 | Published 2024-10-29 | Updated 2024-11-15 | Assigner autodesk

HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Problem types

CWE-787 Out-of-bounds Write

Product status

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

Default status

unaffected

2025

affected

References

autodesk.com/trust/security-advisories/adsk-sa-2024-0021

cve.org (CVE-2024-7991)

nvd.nist.gov (CVE-2024-7991)

Download JSON