Description
A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Autodesk | AutoCAD | unaffected |
|
|||||||||||||||
| Autodesk | AutoCAD Architecture | unaffected |
|
|||||||||||||||
| Autodesk | AutoCAD Electrical | unaffected |
|
|||||||||||||||
| Autodesk | AutoCAD MAP 3D | unaffected |
|
|||||||||||||||
| Autodesk | AutoCAD Mechanical | unaffected |
|
|||||||||||||||
| Autodesk | AutoCAD MEP | unaffected |
|
|||||||||||||||
| Autodesk | AutoCAD Plant 3D | unaffected |
|
|||||||||||||||
| Autodesk | Civil 3D | unaffected |
|
|||||||||||||||
| Autodesk | Advance Steel | unaffected |
|
Configuration 1 [-]
| AND |
|
No data.
No data available yet.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2024-49617 | A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. |
References
History
Tue, 26 Aug 2025 18:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Autodesk advance Steel
Autodesk autocad Map 3d Autodesk civil 3d |
|
| CPEs | cpe:2.3:a:autodesk:advance_steel:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:* cpe:2.3:a:autodesk:civil_3d:2022:*:*:*:*:*:*:* cpe:2.3:a:autodesk:civil_3d:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:civil_3d:2024:*:*:*:*:*:*:* cpe:2.3:a:autodesk:civil_3d:2025:*:*:*:*:*:*:* |
|
| Vendors & Products |
Autodesk advance Steel
Autodesk autocad Map 3d Autodesk civil 3d |
Tue, 15 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Fri, 11 Apr 2025 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Fri, 11 Apr 2025 17:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Mon, 10 Feb 2025 21:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force an Out-of-Bound Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. |
Mon, 03 Feb 2025 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Mon, 03 Feb 2025 17:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Fri, 01 Nov 2024 16:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Autodesk
Autodesk autocad Autodesk autocad Advance Steel Autodesk autocad Architecture Autodesk autocad Civil 3d Autodesk autocad Electrical Autodesk autocad Mechanical Autodesk autocad Mep Autodesk autocad Plant 3d Microsoft Microsoft windows |
|
| CPEs | cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
| Vendors & Products |
Autodesk
Autodesk autocad Autodesk autocad Advance Steel Autodesk autocad Architecture Autodesk autocad Civil 3d Autodesk autocad Electrical Autodesk autocad Mechanical Autodesk autocad Mep Autodesk autocad Plant 3d Microsoft Microsoft windows |
Wed, 30 Oct 2024 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 29 Oct 2024 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force an Out-of-Bound Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |
| Title | Autodesk AutoCAD MODEL File Parsing Out-Of-Bounds Write Code Execution Vulnerability | |
| Weaknesses | CWE-787 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
Autodesk
Subscribe
Advance Steel
Subscribe
Autocad
Subscribe
Autocad Advance Steel
Subscribe
Autocad Architecture
Subscribe
Autocad Civil 3d
Subscribe
Autocad Electrical
Subscribe
Autocad Map 3d
Subscribe
Autocad Mechanical
Subscribe
Autocad Mep
Subscribe
Autocad Plant 3d
Subscribe
Civil 3d
Subscribe
Microsoft
Subscribe
Windows
Subscribe
MITRE
Status: PUBLISHED
Assigner: autodesk
Published:
Updated: 2025-08-26T18:35:04.695Z
Reserved: 2024-09-09T04:55:18.208Z
Link: CVE-2024-8596
Vulnrichment
Updated: 2024-10-30T14:02:32.419Z
NVD
Status : Modified
Published: 2024-10-29T22:15:07.510
Modified: 2025-04-11T17:15:41.090
Link: CVE-2024-8596
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses