CVE-2023-29073

9.8 CRITICAL

📋 TL;DR

This vulnerability allows attackers to execute arbitrary code or read sensitive data by tricking users into opening malicious MODEL files in AutoCAD. It affects AutoCAD 2024 and 2023 users who open untrusted files. The heap-based buffer overflow can lead to complete system compromise.

💻 Affected Systems

Products:
  • Autodesk AutoCAD
Versions: 2024 and 2023
Operating Systems: Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of affected versions are vulnerable when opening MODEL files. No special configuration required.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with attacker gaining full control of the AutoCAD process, potentially leading to lateral movement, data exfiltration, or ransomware deployment.

🟠 Likely Case

Arbitrary code execution in AutoCAD context, allowing attackers to steal sensitive design files, install malware, or pivot to other systems.

🟢 If Mitigated

Limited impact with proper patching and user training, potentially just application crashes if exploit fails.

🌐 Internet-Facing: MEDIUM - Attackers could host malicious files online, but requires user interaction to open them.
🏢 Internal Only: HIGH - Internal users could be tricked via phishing or shared drives to open malicious files, leading to network compromise.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open malicious file. No public exploit code available at time of advisory.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update through Autodesk Desktop App or download from Autodesk Account

Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0018

Restart Required: Yes

Instructions:

1. Open Autodesk Desktop App.
2. Check for updates.
3. Install available AutoCAD updates.
4. Restart AutoCAD after installation.

🔧 Temporary Workarounds

Block MODEL file extensions (platform: Windows)

Prevent AutoCAD from opening .model files via group policy or application restrictions

User training and file restrictions (platform: all)

Train users to only open trusted files and implement file type restrictions

🧯 If You Can't Patch

  • Implement application whitelisting to prevent unauthorized AutoCAD execution
  • Use network segmentation to isolate AutoCAD workstations from critical systems

🔍 How to Verify

Check if Vulnerable:

Check AutoCAD version: 2024 or 2023 versions are vulnerable. Verify by opening AutoCAD and checking Help > About.

Check Version:

In AutoCAD command line: (getvar "acadver") or check Help > About dialog

Verify Fix Applied:

After updating, verify that the installed version is no longer the original 2024 or 2023 release. Check for the latest updates in Autodesk Desktop App.

📡 Detection & Monitoring

Log Indicators:

  • AutoCAD crashes with heap corruption errors
  • Unexpected MODEL file access attempts
  • Process creation from AutoCAD context

Network Indicators:

  • Downloads of MODEL files from untrusted sources
  • Outbound connections from AutoCAD process

SIEM Query:

(EventID=1000 OR EventID=1001) AND Source=AutoCAD.exe AND (Keywords="heap" OR Keywords="buffer")
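
The log indicators listed above (AutoCAD crashes with heap corruption, process creation from the AutoCAD context) can be triaged together. The following is an added example, not part of the original advisory or any vendor tooling; the event schema, the process image names, the five-minute correlation window and the sample events are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Assumption: image names of the AutoCAD process; adjust to your environment.
AUTOCAD_IMAGES = {"acad.exe", "autocad.exe"}
HEAP_CORRUPTION = "0xc0000374"  # NTSTATUS STATUS_HEAP_CORRUPTION
WINDOW = timedelta(minutes=5)   # assumed correlation window


def _base(path):
    """Lower-cased file name of a Windows path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def triage(events):
    """Return sorted (host, finding) pairs for the log indicators above.

    events use a hypothetical normalized schema: time, host, event_id, plus
    app/exception_code (Application Error, ID 1000) or
    image/parent_image (Sysmon process creation, ID 1).
    """
    crashes = [e for e in events
               if e["event_id"] == 1000 and _base(e.get("app", "")) in AUTOCAD_IMAGES]
    findings = set()
    for c in crashes:
        heap = c.get("exception_code", "").lower() == HEAP_CORRUPTION
        findings.add((c["host"], "heap-corruption crash" if heap else "crash"))
    for e in events:
        if e["event_id"] != 1 or _base(e.get("parent_image", "")) not in AUTOCAD_IMAGES:
            continue
        near = any(c["host"] == e["host"] and abs(e["time"] - c["time"]) <= WINDOW
                   for c in crashes)
        label = "child process near crash" if near else "child process"
        findings.add((e["host"], f"{label}: {_base(e['image'])}"))
    return sorted(findings)


# Constructed sample events and paths, not real telemetry.
T0 = datetime(2024, 1, 1, 9, 0)
ACAD = r"C:\Program Files\Autodesk\AutoCAD 2024\acad.exe"
SAMPLE = [
    {"time": T0, "host": "cad-ws-01", "event_id": 1000, "app": "acad.exe",
     "exception_code": "0xC0000374"},
    {"time": T0 + timedelta(minutes=2), "host": "cad-ws-01", "event_id": 1,
     "image": r"C:\Windows\System32\cmd.exe", "parent_image": ACAD},
    {"time": T0, "host": "cad-ws-02", "event_id": 1000, "app": "acad.exe",
     "exception_code": "0xc0000005"},
    {"time": T0, "host": "cad-ws-03", "event_id": 1000, "app": "notepad.exe",
     "exception_code": "0xc0000374"},
]
```

A child process that appears within the window of a crash on the same host is the finding to review first; a crash alone may only be an unstable drawing or plug-in.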
