CVE-2024-23136 in AutoCAD

Summary

by MITRE • 02/22/2024

A maliciously crafted STP file in ASMKERN228A.dll when parsed through Autodesk applications can be used to dereference an untrusted pointer. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process.


Analysis

by VulDB Data Team • 12/31/2025

The vulnerability identified as CVE-2024-23136 represents a critical memory safety issue within Autodesk's software ecosystem, specifically affecting applications that process STP (STEP) files through the ASMKERN228A.dll component. This flaw manifests as an improper pointer dereference condition that occurs during the parsing of maliciously crafted STEP files, creating a potential pathway for remote code execution attacks. The vulnerability resides in the core processing logic of Autodesk's kernel libraries, making it particularly dangerous as it can be exploited across multiple Autodesk products that rely on the same underlying DLL component.

The technical exploitation of this vulnerability follows a classic buffer over-read pattern where an attacker crafts a malicious STP file that triggers an untrusted pointer dereference within the ASMKERN228A.dll module. This occurs when Autodesk applications attempt to parse the specially constructed file, leading to unpredictable memory access patterns that can be leveraged to execute arbitrary code within the context of the currently running process. The flaw falls under the CWE-476 category of NULL Pointer Dereference, though it specifically manifests as an untrusted pointer dereference that bypasses normal validation mechanisms. The attack vector requires user interaction through opening or processing a malicious file, making it particularly concerning for enterprise environments where users may inadvertently encounter such files through email attachments or file downloads.

From an operational perspective, this vulnerability presents a significant risk to organizations using Autodesk products, particularly those in design, engineering, and manufacturing sectors where STEP files are commonly exchanged. The impact extends beyond simple code execution to potentially allow attackers to escalate privileges, access sensitive data, or establish persistent backdoors within affected systems. The vulnerability's exploitation does not require elevated privileges initially, as it targets the application's parsing logic rather than system-level components, making it accessible to attackers with minimal initial access. This characteristic aligns with ATT&CK technique T1059.007 for Command and Scripting Interpreter, as successful exploitation could enable attackers to execute malicious commands through the compromised application process.

Organizations should prioritize immediate mitigation through the official patches provided by Autodesk, as the vulnerability represents a high-severity threat that can be exploited remotely, with opening a malicious file the only user interaction required. System administrators should implement strict file validation policies and consider network-level restrictions on STEP file types where possible. The mitigation strategy should include monitoring for suspicious file access patterns and implementing application whitelisting controls to prevent execution of untrusted DLL components. Additionally, security teams should conduct vulnerability assessments to identify all Autodesk products within their environment that may be affected by this issue, as the ASMKERN228A.dll component is likely used across multiple Autodesk applications and may be present in various software versions. Because the flaw sits in a core kernel library, traditional antivirus solutions may not detect exploitation attempts, so more sophisticated behavioral monitoring approaches are required to identify potential attacks.
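The untrusted pointer dereference described in the analysis above and the file validation the mitigation paragraph calls for, as an added C illustration that is not Autodesk's or ASMKERN228A.dll's code and does not reproduce the actual flaw: a hypothetical STEP Part 21 entity table where a file-supplied #id is resolved to a pointer, shown in its unchecked form beside the validated form that rejects an undefined reference like #99.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define MAX_ENTITIES 8
typedef struct { char type[32]; } entity_t;

/* Entity table indexed by the file-supplied #id; unused slots stay NULL.
 * Hypothetical layout for illustration, not the real library's structures. */
static entity_t *g_table[MAX_ENTITIES];

/* Vulnerable pattern (untrusted pointer dereference): the #id parsed from the
 * file is used as an index and the pointer found there is dereferenced with
 * no range or NULL check. Shown for contrast; never called in this program. */
const char *resolve_ref_unchecked(long id) {
    return g_table[id]->type;           /* out-of-bounds read or NULL deref */
}

/* Hardened form: validate the file-supplied id before using it as an index,
 * then check that the slot actually holds an entity. */
const char *resolve_ref_checked(long id) {
    if (id < 0 || id >= MAX_ENTITIES) return NULL;  /* untrusted index */
    if (g_table[id] == NULL) return NULL;           /* dangling #ref */
    return g_table[id]->type;
}

/* Register one Part 21 instance line "#n=TYPE(...);": 0 on success, -1 on malformed, bad or duplicate id. */
int register_entity(const char *line) {
    long id; char type[32];
    if (sscanf(line, "#%ld=%31[A-Z_0-9](", &id, type) != 2) return -1;
    if (id < 0 || id >= MAX_ENTITIES || g_table[id] != NULL) return -1;
    entity_t *e = calloc(1, sizeof *e);
    if (!e) return -1;
    strcpy(e->type, type); g_table[id] = e;
    return 0;
}
/* First "#n" argument of an instance line (99 for "#3=CIRCLE(#99);"), -1 if none. */
long first_ref_arg(const char *line) {
    const char *p = strchr(line, '(');
    if (!p || p[1] != '#') return -1;
    return strtol(p + 2, NULL, 10);
}

int main(void) {
    /* Constructed sample: #3 references #99, which the file never defines. */
    register_entity("#1=CARTESIAN_POINT('',(0.,0.,0.));");
    register_entity("#3=CIRCLE(#99);");
    long ref = first_ref_arg("#3=CIRCLE(#99);");
    const char *t = resolve_ref_checked(ref);
    printf("#%ld -> %s\n", ref, t ? t : "rejected: invalid reference");
    return 0;
}
```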

Reservation

01/11/2024

Disclosure

02/22/2024

Moderation

accepted

CPE

ready

EPSS

0.00439

KEV

no

Activities

very low
