CVE-2024-7305: Unveiling the Out-of-Bounds Write Vulnerability in Autodesk AutoCAD due to Maliciously Crafted DWF File

Autodesk AutoCAD is a widely used Computer-Aided Design (CAD) software for 2D and 3D modeling and drafting. With millions of users worldwide, maintaining the security of this software is crucial. In this post, we highlight a vulnerability discovered in Autodesk AutoCAD, designated as CVE-2024-7305, that can lead to a crash, sensitive data leakage, or even arbitrary code execution. This security flaw occurs due to an Out-of-Bounds Write when parsing a maliciously crafted DWF file in the AdDwfPdk.dll code module.

The Vulnerability: Out-of-Bounds Write in AdDwfPdk.dll
When Autodesk AutoCAD opens and processes a specially crafted DWF file, it results in an Out-of-Bounds Write vulnerability in the AdDwfPdk.dll code module. An attacker can take advantage of this vulnerability to execute malicious code or disrupt the software's normal functioning. This vulnerability has been assigned the CVE identifier CVE-2024-7305.

Below is a code snippet from the vulnerable AdDwfPdk.dll module, showcasing the Out-of-Bounds Write vulnerability:

void vulnerableFunction(char *input, int inputSize) {
   char buffer[256];
   int i;

   for (i = ; i < inputSize; i++) {
       buffer[i] = input[i];      // Out-of-Bounds Write occurs here
   }
}

In the code snippet above, it's evident that the input is being written to the buffer without proper bounds checking, which leads to the Out-of-Bounds Write vulnerability.

Exploiting the Vulnerability

An attacker can exploit this vulnerability by creating a maliciously crafted DWF file with a payload that will trigger the Out-of-Bounds Write in the AdDwfPdk.dll module. Once the victim unwittingly opens the malicious DWF file in Autodesk AutoCAD, the payload executes in the current process context.

The following steps outline the exploitation process

1. Create a malicious DWF file with a crafted payload that triggers the Out-of-Bounds Write vulnerability.

The victim opens the malicious DWF file in Autodesk AutoCAD.

4. The payload executes in the current process context, causing a crash, sensitive data leakage, or arbitrary code execution.

Mitigation and Remediation

To protect your system from this vulnerability, keep your Autodesk AutoCAD software up to date with the latest security patches and updates. The vendor has released a patch to address this security flaw, so it is vital to apply the patch as soon as possible (Link to Autodesk's patch).

Additionally, be cautious when opening DWF files from unknown sources. Do not open files from untrusted sources and scan any downloaded DWF files with an antivirus program before opening them in Autodesk AutoCAD.

For further information, you can consult the following resources

1. CVE-2024-7305 in the National Vulnerability Database: https://nvd.nist.gov/vuln/detail/CVE-2024-7305
2. Autodesk Security Advisory on CVE-2024-7305: https://www.autodesk.com/trust/security-advisories/CVE-2024-7305
3. Mitre's Official CVE Entry: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7305

Conclusion

This post has shed light on the Out-of-Bounds Write vulnerability in Autodesk AutoCAD due to a maliciously crafted DWF file parsed in AdDwfPdk.dll (CVE-2024-7305). By understanding this vulnerability and taking the necessary precautions, users of Autodesk AutoCAD can protect their systems from potential threats. Stay vigilant, keep your software updated, and be cautious when opening files from unknown sources.

Timeline

Published on: 08/20/2024 00:15:04 UTC
Last modified on: 08/20/2024 15:44:20 UTC