Malicious FBX File May Cause Out-of-Bounds Write, Crash, Data Corruption, or Arbitrary Code Execution Vulnerability

CVE-2023-7298

5.3MEDIUM

Key Information

Vendor: Autodesk
Status: Autodesk Fbx Sdk
Vendor: CVE Published:; 9 December 2024

Summary

A maliciously crafted FBX file, when parsed through Autodesk FBX SDK, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

Affected Version(s)

Autodesk FBX SDK = 2020.3.4

Refferences

https://autodesk.com/trust/security-advisories/adsk-sa-20...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Dec 9, 2024
Vulnerability Reserved.
Nov 14, 2024

Collectors

NVD DatabaseMitre Database