CVE-2024-23131: Memory Corruption Vulnerability in Autodesk AutoCAD due to Maliciously Crafted STP Files and the Potential for Code Execution

An alarming security vulnerability has been discovered in Autodesk AutoCAD, which affects how the program handles certain STP files. The specific components vulnerable include the ASMKERN228A.dll and ASMDATAX228A.dll libraries. This vulnerability, designated as CVE-2024-23131, could lead to a memory corruption vulnerability resulting from a write access violation. Furthermore, this vulnerability could potentially be used in conjunction with other vulnerabilities to execute code in the context of the current process, leading to containing serious implications for affected users.

Code Snippet

The following code snippet demonstrates a part of the vulnerability in handling STP files within Autodesk AutoCAD:

// Pseudo-code snippet demonstrating the vulnerability
void parseSTPFile(const char* inputFile) {
    ifstream inFile(inputFile);
    if (inFile) {
        while (!inFile.eof()) {
            int numberOfTokens;
            inFile >> numberOfTokens;
            if (numberOfTokens <  || numberOfTokens > MAX_TOKENS_ALLOWED) {
                // Potential write access violation could occur here
                throw std::runtime_error("Invalid number of tokens");
            }
            processTokens(inFile, numberOfTokens);
        }
    }
}

Original References

1. https://nvd.nist.gov/vuln/detail/CVE-2024-23131
2. https://www.autodesk.com/security/advisories-and-alerts
3. https://owasp.org/www-community/vulnerabilities/Buffer_Overflow

Exploit Details

The vulnerability in ASMKERN228A.dll or ASMDATAX228A.dll could be exploited by an attacker who creates a maliciously crafted STP file. When this STP file is parsed through the Autodesk AutoCAD software, it leads to a memory corruption vulnerability by write access violation. This issue could eventually lead to a buffer overflow, causing memory corruption. The corrupted memory could then be used by an attacker in conjunction with other vulnerabilities to execute code in the context of the current process.

* Impact

One of the most concerning aspects of the CVE-2024-23131 vulnerability is the potential for an attacker to combine it with other vulnerabilities to execute code within the context of the current process. Consequently, this could compromise the affected user's system, exposing sensitive data and potentially allowing the attacker to perform additional malicious actions.

* Mitigation Recommendations

Autodesk has released a security advisory addressing the CVE-2024-23131 vulnerability, which includes specific recommendations for mitigating the risks posed by this issue. Users of the Autodesk AutoCAD software are strongly urged to follow these recommendations, which include updating to the latest version and avoiding the use of untrusted STP files.

Conclusion

CVE-2024-23131 is a critical vulnerability in Autodesk AutoCAD, that could lead to a memory corruption vulnerability by write access violation when parsing maliciously crafted STP files. This, in combination with other vulnerabilities, has the potential to lead to code execution in the context of the current process. Users of Autodesk AutoCAD should be aware of this issue, and take all necessary steps to ensure that their software is up to date and configured securely to minimize the risk of exploitation.

Timeline

Published on: 02/22/2024 04:15:08 UTC
Last modified on: 03/18/2024 00:15:07 UTC