CVE-2024-23133

Description

A maliciously crafted STP file in ASMDATAX228A.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

CVSS breakdown

Affected products

• autodesk / advance_steel2025 – 2025
• autodesk / advance_steel2021 – 2021
• autodesk / advance_steel2022 – 2022
• autodesk / advance_steel2023 – 2023
• autodesk / advance_steel2024 – 2024
• autodesk / autocad2021 – 2021
• autodesk / autocad2022 – 2022
• autodesk / autocad2023 – 2023
• autodesk / autocad2024 – 2024
• autodesk / autocad2025 – 2025
• autodesk / autocad_architecture2025 – 2025
• autodesk / autocad_architecture2024 – 2024
• autodesk / autocad_architecture2023 – 2023
• autodesk / autocad_architecture2022 – 2022
• autodesk / autocad_architecture2021 – 2021
• autodesk / autocad_electrical2021 – 2021
• autodesk / autocad_electrical2022 – 2022
• autodesk / autocad_electrical2023 – 2023
• autodesk / autocad_electrical2024 – 2024
• autodesk / autocad_electrical2025 – 2025
• autodesk / autocad_map_3d2021 – 2021
• autodesk / autocad_map_3d2025 – 2025
• autodesk / autocad_map_3d2024 – 2024
• autodesk / autocad_map_3d2023 – 2023
• autodesk / autocad_map_3d2022 – 2022
• autodesk / autocad_mechanical2021 – 2021
• autodesk / autocad_mechanical2025 – 2025
• autodesk / autocad_mechanical2024 – 2024
• autodesk / autocad_mechanical2022 – 2022
• autodesk / autocad_mechnaical2023 – 2023
• autodesk / autocad_mep2021 – 2021
• autodesk / autocad_mep2025 – 2025
• autodesk / autocad_mep2024 – 2024
• autodesk / autocad_mep2023 – 2023
• autodesk / autocad_mep2022 – 2022
• autodesk / autocad_plant_3d2025 – 2025
• autodesk / autocad_plant_3d2021 – 2021
• autodesk / autocad_plant_3d2022 – 2022
• autodesk / autocad_plant_3d2023 – 2023
• autodesk / autocad_plant_3d2024 – 2024
• autodesk / civil_3d2021 – 2021
• autodesk / civil_3d2025 – 2025
• autodesk / civil_3d2024 – 2024
• autodesk / civil_3d2023 – 2023
• autodesk / civil_3d2022 – 2022

References

• VENDOR_ADVISORYhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002
• VENDOR_ADVISORYhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004