Out-of-Bound Read/Write Vulnerability in Autodesk AutoCAD and Maya
CVE-2023-25003

7.8HIGH

Key Information:

Vendor: Autodesk
Status: Autocad, Maya
Vendor: CVE Published:; 23 June 2023

What is CVE-2023-25003?

A vulnerability has been identified in Autodesk AutoCAD 2023 and Maya 2022, stemming from a maliciously crafted pskernel.dll file. This flaw allows for the potential to exploit out-of-bound read and write vulnerabilities, which could be leveraged to perform unauthorized code execution. Users of these products are advised to review security advisories for mitigation steps.

Affected Version(s)

AutoCAD, Maya 2023, 2022

References

https://www.autodesk.com/trust/security-advisories/adsk-s...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 23, 2023
Vulnerability Reserved
Feb 1, 2023