Lucene search
AutodeskCVE-2023-29068HistoryJun 27, 2023 - 7:15 p.m.
CVE-2023-29068
2023-06-2719:15:09
CWE-787
autodesk
web.nvd.nist.gov
30
cve-2023-29068
nvd
memory corruption
pskernel.dll
code execution
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
23.1%
A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
Affected configurations
Node
autodeskaliasRange2023–2023.1.1
ORautodeskautocadRange2020–2020.1.6
ORautodeskautocadRange2021–2021.1.3
ORautodeskautocadRange2022–2022.1.3
ORautodeskautocadRange2023–2023.1.1
ORautodeskautocad_advance_steelRange2020–2020.1.6
ORautodeskautocad_advance_steelRange2021–2021.1.3
ORautodeskautocad_advance_steelRange2022–2022.1.3
ORautodeskautocad_advance_steelRange2023–2023.1.1
ORautodeskautocad_architectureRange2020–2020.1.6
ORautodeskautocad_architectureRange2021–2021.1.3
ORautodeskautocad_architectureRange2022–2022.1.3
ORautodeskautocad_architectureRange2023–2023.1.1
ORautodeskautocad_civil_3dRange2020–2020.1.6
ORautodeskautocad_civil_3dRange2021–2021.1.3
ORautodeskautocad_civil_3dRange2022–2022.1.3
ORautodeskautocad_civil_3dRange2023–2023.1.1
ORautodeskautocad_electricalRange2020–2020.1.6
ORautodeskautocad_electricalRange2021–2021.1.3
ORautodeskautocad_electricalRange2022–2022.1.3
ORautodeskautocad_electricalRange2023–2023.1.1
ORautodeskautocad_ltRange2020–2020.1.6
ORautodeskautocad_ltRange2021–2021.1.3
ORautodeskautocad_ltRange2022–2022.1.3
ORautodeskautocad_ltRange2023–2023.1.1
ORautodeskautocad_map_3dRange2020–2020.1.6
ORautodeskautocad_map_3dRange2021–2021.1.3
ORautodeskautocad_map_3dRange2022–2022.1.3
ORautodeskautocad_map_3dRange2023–2023.1.1
ORautodeskautocad_mechanicalRange2020–2020.1.6
ORautodeskautocad_mechanicalRange2021–2021.1.3
ORautodeskautocad_mechanicalRange2022–2022.1.3
ORautodeskautocad_mechanicalRange2023–2023.1.1
ORautodeskautocad_mepRange2020–2020.1.6
ORautodeskautocad_mepRange2021–2021.1.3
ORautodeskautocad_mepRange2022–2022.1.3
ORautodeskautocad_mepRange2023–2023.1.1
ORautodeskautocad_plant_3dRange2020–2020.1.6
ORautodeskautocad_plant_3dRange2021–2021.1.3
ORautodeskautocad_plant_3dRange2022–2022.1.3
ORautodeskautocad_plant_3dRange2023–2023.1.1
ORautodeskinfraworksRange2021–2021.2
ORautodeskinfraworksRange2022–2022.1
ORautodeskinfraworksRange2023–2023.1
ORautodeskinventorRange2021–2021.5
ORautodeskinventorRange2022–2022.4
ORautodeskinventorRange2023–2023.3.1
ORautodeskmaya_usdRange2022–2022.5
ORautodeskmaya_usdRange2023–2023.3
ORautodesknavisworksRange2022–2022.4
ORautodesknavisworksRange2023–2023.2
ORautodeskrevitRange2021–2021.1.8
ORautodeskvredRange2023–2023.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| autodesk | alias | * | cpe:2.3:a:autodesk:alias:*:*:*:*:*:*:*:* |
| autodesk | autocad | * | cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* |
| autodesk | autocad_advance_steel | * | cpe:2.3:a:autodesk:autocad_advance_steel:*:*:*:*:*:*:*:* |
| autodesk | autocad_architecture | * | cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* |
| autodesk | autocad_civil_3d | * | cpe:2.3:a:autodesk:autocad_civil_3d:*:*:*:*:*:*:*:* |
| autodesk | autocad_electrical | * | cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* |
| autodesk | autocad_lt | * | cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:*:*:* |
| autodesk | autocad_map_3d | * | cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* |
| autodesk | autocad_mechanical | * | cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* |
| autodesk | autocad_mep | * | cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "n/a",
"product": "Autodesk products",
"versions": [
{
"version": "2023, 2022, 2021, 2020",
"status": "affected"
}
]
}
]Related
prion
prion
Memory corruption
2023-06-27 19:15:00
cvelist
cvelist
CVE-2023-29068
2023-06-27 00:00:00
nvd
nvd
CVE-2023-29068
2023-06-27 19:15:09
nessus
nessus
Autodesk PSKernel Out-of-bounds Read/Write (InfraWorks) (adsk-sa-2023-0009)
2023-06-01 00:00:00
Autodesk PSKernel Out-of-bounds Read/Write (VRED) (adsk-sa-2023-0009)
2023-05-31 00:00:00
Autodesk PSKernel Out-of-bounds Read/Write (AutoCAD) (adsk-sa-2023-0009)
2023-05-18 00:00:00
CVSS3
7.8
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
23.1%
Related for CVE-2023-29068