Use of uninitialized resource in Autodesk products - CVE-2024-8896
Published: October 30, 2024 / Updated: November 1, 2024
Autodesk AutoCAD
AutoCAD LT
AutoCAD Architecture
AutoCAD Electrical
AutoCAD Mechanical
AutoCAD MEP
AutoCAD Plant 3D
Autodesk Civil 3D
Advance Steel
DWG Trueview
Detailed vulnerability description
The vulnerability allows a remote attacker to bypass certain security restrictions.
The vulnerability exists due to usage of uninitialized resources in acdb25.dll. A remote attacker can trick a victim to open a specially crafted DXF file, trigger uninitialized usage of resources and bypass implemented security mechanisms.