Design/Logic Flaw

2024-02-2200:15:00

PRIOn knowledge base

www.prio-n.com

autodesk autocad

stp file

arbitrary code execution

flaw

sensitive data

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

16.1%

JSON

A maliciously crafted STP file in ASMIMPORT228A.dll when parsed through
Autodesk AutoCAD can force an Out-of-Bound Write. A malicious actor can
leverage this vulnerability to cause a crash, write sensitive data, or execute
arbitrary code in the context of the current process.