AutoCAD STP File Untrusted Pointer Deref CVE-2023-41139
CVE-2023-41139 Published on November 23, 2023

A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.

NVD

Weakness Type

Untrusted Pointer Dereference

The program obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.


Products Associated with CVE-2023-41139

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-41139 are published in these products:

AutoDesk Autocad Map 3d
 
AutoDesk Autocad Electrical
 
AutoDesk Autocad
 
AutoDesk Autocad Architecture
 
AutoDesk Autocad Lt
 
AutoDesk Autocad Civil 3d
 
AutoDesk Autocad Advance Steel
 
AutoDesk Autocad Plant 3d
 
AutoDesk Autocad Mep
 
AutoDesk Autocad Mechanical
 

Affected Versions

Autodesk AutoCAD, Advance Steel and Civil 3D Version 2024, 2023 is affected by CVE-2023-41139

Exploit Probability

EPSS
0.06%
Percentile
17.23%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.