CVE-2024-23151 in AutoCAD
Summary
by MITRE • 06/25/2024
A maliciously crafted 3DM file, when parsed in ASMkern229A.dll through Autodesk applications, can force an Out-of-Bounds Write. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 03/23/2025
This vulnerability represents a critical out-of-bounds write flaw in Autodesk's 3DM file parsing functionality within the ASMkern229A.dll component. The issue arises when Autodesk applications process maliciously crafted 3DM files, which are commonly used for 3D modeling and design data exchange. The vulnerability stems from inadequate input validation and bounds checking during the parsing of 3DM file structures, specifically affecting the kernel processing module responsible for handling geometric data. This flaw allows attackers to manipulate memory layout through carefully constructed file content that bypasses normal validation mechanisms.
The technical exploitation of this vulnerability occurs through the manipulation of 3DM file headers and data structures that control how the ASMkern229A.dll processes geometric primitives and mesh data. When the vulnerable component encounters malformed data during parsing, it fails to properly validate array indices or buffer boundaries before writing data to memory locations. This memory corruption vulnerability aligns with CWE-787, which specifically addresses out-of-bounds write conditions, and represents a classic example of memory safety issues in legacy software components. The vulnerability can be leveraged for multiple attack vectors including denial of service through crashes, information disclosure via memory reads, and potentially code execution through controlled memory corruption.
The operational impact of this vulnerability extends beyond simple application instability to encompass potential system compromise and data exposure. Attackers can craft 3DM files that trigger the out-of-bounds write condition when opened by Autodesk applications such as AutoCAD, Revit, or other products utilizing the affected DLL component. This creates a significant risk for organizations that frequently exchange 3D design files, as a single malicious file could compromise user systems. The vulnerability's exploitation requires minimal privileges since it operates within the context of the current process, making it particularly dangerous for environments where users have elevated permissions or where applications run with administrative privileges.
Organizations should prioritize immediate mitigation through Autodesk's official security patches and updates, as the vulnerability exists in widely deployed software components. System administrators should implement file validation policies and restrict 3DM file handling through network security controls. The ATT&CK framework categorizes this vulnerability under T1203, which covers exploitation of remote services and application vulnerabilities, while also potentially mapping to T1059 for command and control through code execution. Defense in depth strategies should include application whitelisting for Autodesk products, network segmentation, and monitoring for unusual file processing activities. Regular security assessments of 3D design workflows and user education on safe file handling practices remain essential components of comprehensive security posture management.