Use-After-Free Vulnerability in Autodesk Navisworks 2022 and 2023
CVE-2023-25001

7.8HIGH

Key Information:

Vendor: Autodesk
Status: Navisworks
Vendor: CVE Published:; 27 June 2023

What is CVE-2023-25001?

A vulnerability exists in Autodesk Navisworks 2022 and 2023 due to improper handling of maliciously crafted SKP files. Specifically, an attacker can exploit this flaw by creating a specially designed SKP file that triggers a use-after-free condition, potentially allowing for unauthorized code execution within the application. Users of Autodesk Navisworks are encouraged to apply the latest security updates provided by Autodesk to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Navisworks 2023, 2022

References

https://www.autodesk.com/trust/security-advisories/adsk-s...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 27, 2023
Vulnerability Reserved
Feb 1, 2023

JSON

Autodesk

What is CVE-2023-25001?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.