CVE-2023-29068

HIGH

Autodesk Alias 2023-2023.1.1 - Out-of-bounds Write via pskernel.dll

Title source: llm

Description

A maliciously crafted file consumed through pskernel.dll file could lead to memory corruption vulnerabilities. These vulnerabilities in conjunction with other vulnerabilities could lead to code execution in the context of the current process.

References (1)

Core 1

Core References

Vendor Advisory

https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009

Scores

CVSS v3 7.8

EPSS 0.0008

EPSS Percentile 22.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-787

Status published

Products (17)

autodesk/alias 2023 - 2023.1.1

autodesk/autocad 2020 - 2020.1.6

autodesk/autocad_advance_steel 2020 - 2020.1.6

autodesk/autocad_architecture 2020 - 2020.1.6

autodesk/autocad_civil_3d 2020 - 2020.1.6

autodesk/autocad_electrical 2020 - 2020.1.6

autodesk/autocad_lt 2020 - 2020.1.6

autodesk/autocad_map_3d 2020 - 2020.1.6

autodesk/autocad_mechanical 2020 - 2020.1.6

autodesk/autocad_mep 2020 - 2020.1.6

... and 7 more

Published Jun 27, 2023

Tracked Since Feb 18, 2026