// For flags

CVE-2023-27912

 

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A maliciously crafted X_B file when parsed through AutodeskĀ® AutoCADĀ® 2023 can force an Out-of-Bound Read. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-03-07 CVE Reserved
  • 2023-04-14 CVE Published
  • 2024-08-02 CVE Updated
  • 2024-11-04 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-125: Out-of-bounds Read
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Autodesk
Search vendor "Autodesk"
Autocad
Search vendor "Autodesk" for product "Autocad"
>= 2023 < 2023.1.3
Search vendor "Autodesk" for product "Autocad" and version " >= 2023 < 2023.1.3"
-
Affected
Autodesk
Search vendor "Autodesk"
Autocad Advance Steel
Search vendor "Autodesk" for product "Autocad Advance Steel"
>= 2023 < 2023.1.3
Search vendor "Autodesk" for product "Autocad Advance Steel" and version " >= 2023 < 2023.1.3"
-
Affected
Autodesk
Search vendor "Autodesk"
Autocad Architecture
Search vendor "Autodesk" for product "Autocad Architecture"
>= 2023 < 2023.1.3
Search vendor "Autodesk" for product "Autocad Architecture" and version " >= 2023 < 2023.1.3"
-
Affected
Autodesk
Search vendor "Autodesk"
Autocad Civil 3d
Search vendor "Autodesk" for product "Autocad Civil 3d"
>= 2023 < 2023.1.3
Search vendor "Autodesk" for product "Autocad Civil 3d" and version " >= 2023 < 2023.1.3"
-
Affected
Autodesk
Search vendor "Autodesk"
Autocad Electrical
Search vendor "Autodesk" for product "Autocad Electrical"
>= 2023 < 2023.1.3
Search vendor "Autodesk" for product "Autocad Electrical" and version " >= 2023 < 2023.1.3"
-
Affected
Autodesk
Search vendor "Autodesk"
Autocad Lt
Search vendor "Autodesk" for product "Autocad Lt"
>= 2023 < 2023.1.3
Search vendor "Autodesk" for product "Autocad Lt" and version " >= 2023 < 2023.1.3"
-
Affected
Autodesk
Search vendor "Autodesk"
Autocad Map 3d
Search vendor "Autodesk" for product "Autocad Map 3d"
>= 2023 < 2023.1.3
Search vendor "Autodesk" for product "Autocad Map 3d" and version " >= 2023 < 2023.1.3"
-
Affected
Autodesk
Search vendor "Autodesk"
Autocad Mechanical
Search vendor "Autodesk" for product "Autocad Mechanical"
>= 2023 < 2023.1.3
Search vendor "Autodesk" for product "Autocad Mechanical" and version " >= 2023 < 2023.1.3"
-
Affected
Autodesk
Search vendor "Autodesk"
Autocad Mep
Search vendor "Autodesk" for product "Autocad Mep"
>= 2023 < 2023.1.3
Search vendor "Autodesk" for product "Autocad Mep" and version " >= 2023 < 2023.1.3"
-
Affected
Autodesk
Search vendor "Autodesk"
Autocad Plant 3d
Search vendor "Autodesk" for product "Autocad Plant 3d"
>= 2023 < 2023.1.3
Search vendor "Autodesk" for product "Autocad Plant 3d" and version " >= 2023 < 2023.1.3"
-
Affected