CVE-2023-29073

CVE-2023-29073

Vendor Autodesk
Product AutoCAD, Advance Steel and Civil 3D
Weakness CWE-122
Published November 23, 2023
Last update August 2, 2024

CVSS base score

What the vulnerability does

01Description

A maliciously crafted MODEL file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to cause a Heap-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

Key dates

02Disclosure timeline

November 23, 2023 CVE published
August 2, 2024 Record updated