A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
05 Jul 2023, 16:29
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:navisworks:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:infraworks:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:vred:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:maya_usd:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* |
|
First Time |
Autodesk vred
Autodesk autocad Advance Steel Autodesk alias Autodesk autocad Map 3d Autodesk autocad Lt Autodesk inventor Autodesk autocad Autodesk maya Usd Autodesk autocad Electrical Autodesk autocad Architecture Autodesk Autodesk revit Autodesk autocad Civil 3d Autodesk navisworks Autodesk autocad Mechanical Autodesk infraworks Autodesk autocad Plant 3d Autodesk autocad Mep |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-190 | |
References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009 - Vendor Advisory |
27 Jun 2023, 20:45
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-27 19:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-25004
Mitre link : CVE-2023-25004
CVE.ORG link : CVE-2023-25004
JSON object : View
Products Affected
autodesk
- autocad_map_3d
- autocad_electrical
- autocad_mep
- infraworks
- navisworks
- alias
- revit
- autocad_architecture
- maya_usd
- inventor
- autocad_advance_steel
- autocad_mechanical
- vred
- autocad
- autocad_plant_3d
- autocad_lt
- autocad_civil_3d
CWE
CWE-190
Integer Overflow or Wraparound