CVE-2023-25003

Q: What is the severity of CVE-2023-25003?

CVE-2023-25003 has a CVSS score of 7.8 (HIGH). This vulnerability in Autodesk AutoCAD 2023 and Maya 2022 allows attackers to execute arbitrary code by exploiting out-of-bounds read/write vulnerabilities in the pskernel.dll file. Users of these specific Autodesk products are affected when opening maliciously crafted files.

7.8 HIGH

Remote Code Execution

📋 TL;DR

This vulnerability in Autodesk AutoCAD 2023 and Maya 2022 allows attackers to execute arbitrary code by exploiting out-of-bounds read/write vulnerabilities in the pskernel.dll file. Users of these specific Autodesk products are affected when opening maliciously crafted files.

💻 Affected Systems

Products:

Autodesk AutoCAD
Autodesk Maya

Versions: AutoCAD 2023, Maya 2022

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Requires opening malicious files containing crafted pskernel.dll content. Both products must be affected versions.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with attacker gaining the same privileges as the user running the vulnerable software, potentially leading to data theft, ransomware deployment, or lateral movement.

🟠

Likely Case

Local code execution when a user opens a malicious file, potentially leading to malware installation or credential theft.

🟢

If Mitigated

Limited impact if software runs with minimal privileges, network segmentation is in place, and users are trained to avoid untrusted files.

🌐 Internet-Facing: LOW - Exploitation requires user interaction with malicious files, not directly exposed network services.

🏢 Internal Only: MEDIUM - Internal users could be targeted via phishing or malicious attachments, but requires user interaction.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires user interaction to open malicious files. No public exploit code has been identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Autodesk Security Advisory ADSK-SA-2023-0009 for specific patched versions

Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009

Restart Required: Yes

Instructions:

1. Open affected Autodesk product. 2. Navigate to Help > About. 3. Check for updates or use Autodesk Desktop App. 4. Apply available security updates. 5. Restart the application.

🔧 Temporary Workarounds

Restrict file execution

windows

Block execution of untrusted AutoCAD/Maya files via application control policies

User training

all

Train users to only open trusted files from verified sources

🧯 If You Can't Patch

Run AutoCAD/Maya with minimal user privileges (not as administrator)
Implement application whitelisting to prevent execution of untrusted files

🔍 How to Verify

Check if Vulnerable:

Check AutoCAD/Maya version against affected versions (AutoCAD 2023, Maya 2022). If using these versions and not patched, system is vulnerable.

Check Version:

In AutoCAD/Maya: Help > About or check program properties

Verify Fix Applied:

Verify version has been updated beyond vulnerable versions listed in Autodesk advisory ADSK-SA-2023-0009

📡 Detection & Monitoring

Log Indicators:

Application crashes in AutoCAD/Maya with memory access violations
Unexpected process creation from AutoCAD/Maya executables

Network Indicators:

Unusual outbound connections from AutoCAD/Maya processes

SIEM Query:

Process creation where parent process is acad.exe or maya.exe AND command line contains unusual parameters

📊 Metadata

CVE ID: CVE-2023-25003

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-125

Published: June 23, 2023

Last Updated: November 21, 2024

🔗 References

https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009 Vendor Advisory
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0009 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Alias by Autodesk

Autocad by Autodesk

Autocad by Autodesk

Autocad by Autodesk

Autocad by Autodesk

Autocad Advance Steel by Autodesk

Autocad Advance Steel by Autodesk

Autocad Advance Steel by Autodesk

Autocad Advance Steel by Autodesk

Autocad Architecture by Autodesk

Autocad Architecture by Autodesk

Autocad Architecture by Autodesk

Autocad Architecture by Autodesk

Autocad Civil 3d by Autodesk

Autocad Civil 3d by Autodesk

Autocad Civil 3d by Autodesk

Autocad Civil 3d by Autodesk

Autocad Electrical by Autodesk

Autocad Electrical by Autodesk

Autocad Electrical by Autodesk

Autocad Electrical by Autodesk

Autocad Lt by Autodesk

Autocad Lt by Autodesk

Autocad Lt by Autodesk

Autocad Lt by Autodesk

Autocad Map 3d by Autodesk

Autocad Map 3d by Autodesk

Autocad Map 3d by Autodesk

Autocad Map 3d by Autodesk

Autocad Mechanical by Autodesk

Autocad Mechanical by Autodesk

Autocad Mechanical by Autodesk

Autocad Mechanical by Autodesk

Autocad Mep by Autodesk

Autocad Mep by Autodesk

Autocad Mep by Autodesk

Autocad Mep by Autodesk

Autocad Plant 3d by Autodesk

Autocad Plant 3d by Autodesk

Autocad Plant 3d by Autodesk

Autocad Plant 3d by Autodesk

Infraworks by Autodesk

Infraworks by Autodesk

Infraworks by Autodesk

Inventor by Autodesk

Inventor by Autodesk

Inventor by Autodesk

Maya Usd by Autodesk

Maya Usd by Autodesk

Navisworks by Autodesk

Navisworks by Autodesk

Revit by Autodesk

Vred by Autodesk

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Restrict file execution

User training

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities