← back
CVE-2023-41139

CVE-2023-41139

EPSS 0.3%CWE-822
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
23 Nov 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A maliciously crafted STP file when parsed through Autodesk AutoCAD 2024 and 2023 can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.
Affected products
Autodesk · AutoCAD, Advance Steel and Civil 3D

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018