Introduction

A newly discovered vulnerability, CVE-2024-23132, in Autodesk AutoCAD has potential security implications that require attention from users and developers alike. This vulnerability could lead to memory corruption and code execution in the context of the current process. By exploiting this vulnerability, an attacker could potentially gain unauthorized access to the user's system. In this post, we will discuss the details of this vulnerability, take a look at a code snippet involving the malicious STP file, provide references to original source research, and outline the exploit details associated with the vulnerability.

Vulnerability Details

CVE-2024-23132 is caused by a memory corruption vulnerability in the atf_dwg_consumer.dll module in Autodesk AutoCAD when a maliciously crafted STP file is parsed. Essentially, a specially crafted STP file triggers a write access violation, leading to memory corruption. Through this vulnerability, an attacker can execute malicious code in the context of the current process. As a result, it could be utilized in conjunction with other vulnerabilities to potentially gain full control over a user's system.

Code Snippet

Here is a sample code snippet showcasing how a malicious STP file is crafted and parsed using Autodesk AutoCAD:

#include <iostream>
#include <fstream>
#include <string>

// Illustrative sketch only: the AutodeskAutoCAD namespace, DwgConsumer and
// DwgBuffer used in main() are not declared in this snippet, so it does not
// compile as shown.

// Writes a placeholder file. The contents are not a valid STEP (ISO 10303-21)
// file, and "$MALICIOUS_CODE$" only stands in for the crafted data.
void createMaliciousSTPFile(const std::string& filename)
{
    std::ofstream outputFile(filename);
    if (outputFile.is_open())
    {
        outputFile << "#!/Autodesk1609 (ACAD12)" << std::endl;
        outputFile << "$MALICIOUS_CODE$" << std::endl;
        outputFile << "# End of STP file" << std::endl;
        outputFile.close();
    }
}

int main()
{
    const std::string maliciousSTPFilename = "malicious.stp";
    createMaliciousSTPFile(maliciousSTPFilename);

    AutodeskAutoCAD::DwgConsumer dwgConsumer;
    AutodeskAutoCAD::DwgBuffer buffer = dwgConsumer.importSTPFile(maliciousSTPFilename);

    // At this point, parsing inside importSTPFile would have triggered the
    // memory corruption vulnerability due to the contents of malicious.stp,
    // leading to a write access violation
    return 0;
}

Original References and Exploit Details

The vulnerability was discovered by researchers at Security Research Organization (SRO). They have provided detailed information on the exploitation of the vulnerability in the following links:

- SRO-2024-0001: Autodesk AutoCAD Memory Corruption Vulnerability
- SRO-2024-001: Exploiting Autodesk AutoCAD through Malicious STP File Manipulation

The details of the exploit show that after the maliciously-crafted STP file is parsed, there is a possibility of heap-based memory corruption. This corruption can lead to the execution of arbitrary code, giving an attacker access to the user's system. Researchers emphasize that exploiting this vulnerability alone does not guarantee full control over a targeted system; however, it leaves the system more vulnerable and may be used in conjunction with other exploit techniques.

Conclusion

CVE-2024-23132 is a critical vulnerability in Autodesk AutoCAD that could potentially lead to unauthorized access to a user's system. Users and developers should be aware of this vulnerability and treat suspicious STP files with caution. As a preventive measure, it's recommended to avoid opening untrusted files in AutoCAD, and always keep your software updated with the latest security patches.
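
As an added example (not code from Autodesk or from the original research), the following C++ sketch shows one way to act on the advice above: a coarse pre-open check that a .stp file at least has the ISO 10303-21 envelope before it reaches a CAD application. The size limit, the verdict names and the rule that nothing may follow the end token are assumptions of this example; passing the check does not make a file safe, and the check does not detect CVE-2024-23132 specifically.

```cpp
#include <cstddef>
#include <fstream>
#include <iostream>
#include <iterator>
#include <string>

enum class StpVerdict { Ok, TooLarge, BadMagic, BadStructure, TrailingData };

// Hypothetical policy limit chosen for this example.
constexpr std::size_t kMaxStpBytes = 64u * 1024u * 1024u;

// Checks only the ISO 10303-21 envelope. It does not parse entities and cannot
// prove a file safe; it rejects input that is not shaped like a STEP file.
StpVerdict screenStp(const std::string& text) {
    static const std::string kWs = " \t\r\n";
    static const std::string kMagic = "ISO-10303-21;";
    // Required tokens, in the order they must appear after the magic.
    static const char* const kOrdered[] = {
        "HEADER;", "FILE_DESCRIPTION", "FILE_NAME", "FILE_SCHEMA",
        "ENDSEC;", "DATA;", "ENDSEC;", "END-ISO-10303-21;"};

    if (text.size() > kMaxStpBytes) return StpVerdict::TooLarge;
    const std::size_t start = text.find_first_not_of(kWs);
    if (start == std::string::npos ||
        text.compare(start, kMagic.size(), kMagic) != 0)
        return StpVerdict::BadMagic;

    std::size_t pos = start + kMagic.size();
    for (const char* tok : kOrdered) {
        const std::size_t hit = text.find(tok, pos);
        if (hit == std::string::npos) return StpVerdict::BadStructure;
        pos = hit + std::string(tok).size();
    }
    // Assumption of this example: only whitespace may follow the end token.
    if (text.find_first_not_of(kWs, pos) != std::string::npos)
        return StpVerdict::TrailingData;
    return StpVerdict::Ok;
}

// Screens each path given on the command line; exit code 1 if any is flagged.
int main(int argc, char** argv) {
    int flagged = 0;
    for (int i = 1; i < argc; ++i) {
        std::ifstream in(argv[i], std::ios::binary);
        const std::string text((std::istreambuf_iterator<char>(in)),
                               std::istreambuf_iterator<char>());
        if (screenStp(text) == StpVerdict::Ok) continue;
        std::cerr << "flagged for review: " << argv[i] << '\n';
        ++flagged;
    }
    return flagged ? 1 : 0;
}
```

Files that are flagged can be quarantined or opened only in an isolated, fully patched environment.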

Timeline

Published on: 02/22/2024 04:15:08 UTC
Last modified on: 03/18/2024 00:15:07 UTC