nvd-json-data-feeds/CVE-2024/CVE-2024-370xx/CVE-2024-37000.json

{
  "id": "CVE-2024-37000",
  "sourceIdentifier": "psirt@autodesk.com",
  "published": "2024-06-25T03:15:10.463",
  "lastModified": "2024-07-03T02:03:59.763",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process."
    },
    {
      "lang": "es",
      "value": "Un archivo X_B creado con fines malintencionados, cuando se analiza en pskernel.DLL a trav\u00e9s de aplicaciones de Autodesk, puede provocar una vulnerabilidad de corrupci\u00f3n de memoria por infracci\u00f3n de acceso de escritura. Esta vulnerabilidad, junto con otras vulnerabilidades, puede provocar la ejecuci\u00f3n de c\u00f3digo en el contexto del proceso actual."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "psirt@autodesk.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009",
      "source": "psirt@autodesk.com"
    }
  ]
}