Lucene search
HistoryJun 27, 2023 - 7:15 p.m.
CVE-2023-25004
cve-2023-25004
pskernel.dll
autodesk
integer overflow
code execution
nvd
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
23.6%
A maliciously crafted pskernel.dll file in Autodesk products is used to trigger integer overflow vulnerabilities. Exploitation of these vulnerabilities may lead to code execution.
Affected configurations
Node
autodeskaliasRange2023–2023.1.1
ORautodeskautocadRange2020–2020.1.6
ORautodeskautocadRange2021–2021.1.3
ORautodeskautocadRange2022–2022.1.3
ORautodeskautocadRange2023–2023.1.1
ORautodeskautocad_advance_steelRange2020–2020.1.6
ORautodeskautocad_advance_steelRange2021–2021.1.3
ORautodeskautocad_advance_steelRange2022–2022.1.3
ORautodeskautocad_advance_steelRange2023–2023.1.1
ORautodeskautocad_architectureRange2020–2020.1.6
ORautodeskautocad_architectureRange2021–2021.1.3
ORautodeskautocad_architectureRange2022–2022.1.3
ORautodeskautocad_architectureRange2023–2023.1.1
ORautodeskautocad_civil_3dRange2020–2020.1.6
ORautodeskautocad_civil_3dRange2021–2021.1.3
ORautodeskautocad_civil_3dRange2022–2022.1.3
ORautodeskautocad_civil_3dRange2023–2023.1.1
ORautodeskautocad_electricalRange2020–2020.1.6
ORautodeskautocad_electricalRange2021–2021.1.3
ORautodeskautocad_electricalRange2022–2022.1.3
ORautodeskautocad_electricalRange2023–2023.1.1
ORautodeskautocad_ltRange2020–2020.1.6
ORautodeskautocad_ltRange2021–2021.1.3
ORautodeskautocad_ltRange2022–2022.1.3
ORautodeskautocad_ltRange2023–2023.1.1
ORautodeskautocad_map_3dRange2020–2020.1.6
ORautodeskautocad_map_3dRange2021–2021.1.3
ORautodeskautocad_map_3dRange2022–2022.1.3
ORautodeskautocad_map_3dRange2023–2023.1.1
ORautodeskautocad_mechanicalRange2020–2020.1.6
ORautodeskautocad_mechanicalRange2021–2021.1.3
ORautodeskautocad_mechanicalRange2022–2022.1.3
ORautodeskautocad_mechanicalRange2023–2023.1.1
ORautodeskautocad_mepRange2020–2020.1.6
ORautodeskautocad_mepRange2021–2021.1.3
ORautodeskautocad_mepRange2022–2022.1.3
ORautodeskautocad_mepRange2023–2023.1.1
ORautodeskautocad_plant_3dRange2020–2020.1.6
ORautodeskautocad_plant_3dRange2021–2021.1.3
ORautodeskautocad_plant_3dRange2022–2022.1.3
ORautodeskautocad_plant_3dRange2023–2023.1.1
ORautodeskinfraworksRange2021–2021.2
ORautodeskinfraworksRange2022–2022.1
ORautodeskinfraworksRange2023–2023.1
ORautodeskinventorRange2021–2021.5
ORautodeskinventorRange2022–2022.4
ORautodeskinventorRange2023–2023.3.1
ORautodeskmaya_usdRange2022–2022.5
ORautodeskmaya_usdRange2023–2023.3
ORautodesknavisworksRange2022–2022.4
ORautodesknavisworksRange2023–2023.2
ORautodeskrevitRange2021–2021.1.8
ORautodeskvredRange2023–2023.4
CNA Affected
[
{
"vendor": "n/a",
"product": "Autodesk products",
"versions": [
{
"version": "2023, 2022, 2021, 2020",
"status": "affected"
}
]
}
]Related
prion
prion
Integer overflow
2023-06-27 19:15:00
cvelist
cvelist
CVE-2023-25004
2023-06-27 00:00:00
nvd
nvd
CVE-2023-25004
2023-06-27 19:15:09
nessus
nessus
Autodesk PSKernel Out-of-bounds Read/Write (VRED) (adsk-sa-2023-0009)
2023-05-31 00:00:00
Autodesk PSKernel Out-of-bounds Read/Write (InfraWorks) (adsk-sa-2023-0009)
2023-06-01 00:00:00
Autodesk PSKernel Out-of-bounds Read/Write (AutoCAD) (adsk-sa-2023-0009)
2023-05-18 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
23.6%
Related for CVE-2023-25004