Autodesk AutoCAD is a popular computer-aided design (CAD) software used by architects, engineers, and other professionals for creating 2D and 3D designs. In this long read, we will discuss a recently discovered memory corruption vulnerability (CVE-2024-23133) in Autodesk AutoCAD that could potentially lead to code execution in the context of the current process. This vulnerability arises from a maliciously crafted STP file being parsed through the ASMDATAX228A.dll library in Autodesk AutoCAD.

We will provide essential information about this vulnerability, including original references, code snippets, and details on how it can be exploited. Let's dive in!

Vulnerability Overview

CVE ID: CVE-2024-23133
Type: Memory Corruption Vulnerability
Impact: Code Execution
Affected Component: ASMDATAX228A.dll library in Autodesk AutoCAD
Attack Vector: Parsing a maliciously crafted STP file

Description

The vulnerability stems from a specially crafted STP file, designed to cause a memory corruption error when parsed by the ASMDATAX228A.dll library in Autodesk AutoCAD. This memory corruption error is a result of a write access violation, which may disrupt the normal functioning of the AutoCAD software. Importing or opening such a malicious STP file in Autodesk AutoCAD can lead to unintended behavior or, in the worst case scenario, exploit a series of other vulnerabilities to enable arbitrary code execution in the context of the current process.

Exploit Details

To fully understand and appreciate the possible consequences of this vulnerability, it is crucial to know how the ASMDATAX228A.dll library processes STP files and where the memory corruption occurs.

Consider the following code snippet illustrating the essential part of parsing a malicious STP file

// Simplified code for demonstration purposes

void process_stp_file(){
  ...
  while (read_next_item){
    if (item_type == malicious_item_type){
      char *malicious_buffer;
      int malicious_length = calculate_length_of_malicious_buffer();
      malicious_buffer = (char *) malloc(malicious_length);
      write_to_malicious_buffer(malicious_buffer, malicious_length); // Memory Corruption occurs here
    }
  }
}

The code above demonstrates how a loop processes items within an STP file. When an item of the malicious type is identified, the affected code calculates a length for the malicious_buffer variable, which is subsequently allocated. The problem arises in the write_to_malicious_buffer function, as it writes data to the malicious_buffer without proper boundary checks, thus causing the memory corruption.

Original References

The full details of this vulnerability, including its discovery, technical description, and analysis, can be found in these original references:

1. Autodesk Security Advisory: CVE-2024-23133
2. Vulnerability Disclosure: NVD

Mitigation and Patch Information

Autodesk has acknowledged the issue in their security advisory and released a patch to address the vulnerability. Users are urged to update their Autodesk AutoCAD software to the latest version to ensure they are protected against this threat.

- Autodesk AutoCAD Update Center: Install Latest AutoCAD Updates

Conclusion

In summary, CVE-2024-23133 is a critical memory corruption vulnerability in the Autodesk AutoCAD software that could lead to code execution in the context of the current process if taken advantage of by an attacker. To keep their designs safe and secure, it is crucial that professionals using Autodesk AutoCAD regularly update their software to the latest version and be extremely cautious when opening third-party STP files.

Timeline

Published on: 02/22/2024 04:15:08 UTC
Last modified on: 08/01/2024 13:47:08 UTC