CVE-2024-37005 in AutoCAD
Summary
by MITRE • 06/25/2024
A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash,read sensitive data, or execute arbitrary code in the context of the current process.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Analysis
by VulDB Data Team • 08/28/2025
The vulnerability identified as CVE-2024-37005 represents a critical out-of-bounds read flaw within the pskernel.DLL component of Autodesk applications, specifically affecting the parsing of X_B files. This vulnerability falls under the category of memory safety issues and is classified as CWE-125, which describes out-of-bounds read conditions that occur when software attempts to access memory beyond the intended buffer boundaries. The flaw manifests when Autodesk applications process maliciously crafted X_B files, which are typically used for storing 3D model data and related geometric information within the Autodesk ecosystem.
The technical execution of this vulnerability occurs through improper input validation within the pskernel.DLL library, which handles the parsing of various file formats including X_B files. When an attacker crafts a specially formatted X_B file containing malformed data structures, the parsing routine fails to properly validate array indices or buffer limits before accessing memory locations. This allows an attacker to manipulate the program flow and potentially read memory contents that should remain inaccessible, creating opportunities for information disclosure and privilege escalation. The vulnerability is particularly dangerous because it can be exploited through legitimate file processing workflows, making it difficult to detect and prevent through traditional network-based security measures.
The operational impact of this vulnerability extends beyond simple application crashes, as it provides attackers with multiple exploitation vectors that align with the tactics described in the MITRE ATT&CK framework under T1059 for command and control and T1068 for exploit public-facing applications. An attacker could leverage this vulnerability to execute arbitrary code with the privileges of the current user process, potentially leading to full system compromise. The out-of-bounds read condition could also be used to extract sensitive information from memory, including encryption keys, authentication tokens, or other confidential data that might be stored in adjacent memory regions. This makes the vulnerability particularly attractive for attackers seeking to establish persistent access or conduct data exfiltration operations.
Mitigation strategies for CVE-2024-37005 should focus on immediate patch management and input validation enhancements. Autodesk has released updates addressing this vulnerability, and organizations should prioritize applying these patches to all affected Autodesk applications. Additional protective measures include implementing strict file validation procedures, deploying application whitelisting policies to restrict execution of unauthorized X_B files, and configuring sandboxing environments for processing untrusted file formats. Network-based intrusion detection systems should be updated to recognize patterns associated with malicious X_B file structures, while endpoint protection solutions should be configured to monitor for unusual memory access patterns that might indicate exploitation attempts. The vulnerability also highlights the importance of secure coding practices and comprehensive input validation, particularly in libraries handling complex file format parsing operations, aligning with security best practices recommended in the OWASP Top Ten and NIST cybersecurity frameworks.