Unrated severityNVD Advisory· Published Jun 25, 2024· Updated Aug 26, 2025
Multiple ZDI Vulnerabilities in Autodesk AutoCAD and certain AutoCAD-based products
CVE-2024-23159
Description
A maliciously crafted STP file, when parsed in stp_aim_x64_vc15d.dll through Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process.
Affected products
10- cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*Range: 2025
- cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*Range: 2025
- cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*Range: 2025
- cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*Range: 2025
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.