CVE-2024-12199

7.8 HIGH

📋 TL;DR

A specially crafted DWFX file opened in Autodesk Navisworks triggers an out-of-bounds write in the file parser. An attacker who tricks a user into opening such a file can run arbitrary code with that user's privileges. Every installation of an affected version that opens DWFX files from untrusted sources is exposed.

💻 Affected Systems

Products:
  • Autodesk Navisworks
Versions: 2024 and earlier
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations that process DWFX files are vulnerable; exploitation requires a user to open the malicious file.

📦 What is this software?

Autodesk Navisworks is a Windows application for reviewing and coordinating 3D design and BIM models combined from many authoring tools. DWFX is Autodesk's Design Web Format in its XPS-style packaging, an OPC (ZIP) container used to share 2D and 3D design data; such files are routinely exchanged by e-mail and download, which makes a crafted one a plausible phishing attachment.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Arbitrary code execution with the privileges of the user running Navisworks. If that user is a local administrator, or the workstation holds credentials and design data, this amounts to full compromise of the host and a foothold for lateral movement.

🟠 Likely Case: Navisworks crashes when the file is opened (denial of service). Turning the out-of-bounds write into reliable code execution takes more effort, so untargeted attempts will mostly show up as crashes.

🟢 If Mitigated: No impact once the patched version is installed or DWFX files from untrusted sources are blocked before they reach users.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open malicious files. No public exploit code has been disclosed as of the advisory date.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2024.3 and later

Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0027

Restart Required: Yes

Instructions:

1. Open Autodesk Navisworks
2. Navigate to Help > About to check current version
3. If version is earlier than 2024.3, download and install the latest update from Autodesk Account
4. Restart the application after installation

🔧 Temporary Workarounds

Block DWFX file extensions (windows): Prevent processing of DWFX files through group policy or application controls, for example by blocking .dwfx attachments at the mail gateway and removing the .dwfx file association on hosts that do not need it. An extension block only stops casual delivery; a user can still rename the file and open it from inside Navisworks, so treat it as a stopgap until the update is installed.

User awareness training (all): Train users not to open DWFX files from untrusted sources.

🧯 If You Can't Patch

  • Implement application whitelisting to prevent execution of vulnerable Navisworks versions
  • Use network segmentation to isolate Navisworks systems from critical assets

🔍 How to Verify

Check if Vulnerable:

Open Help > About in Navisworks and read the version. Anything earlier than 2024.3 is vulnerable.

Check Version:

No command-line check is documented. Read the version from Help > About; for fleet inventory, the product's entry under Programs and Features (the installer's DisplayVersion in the Uninstall registry keys) records the installed build and can be collected remotely.

Verify Fix Applied:

Confirm that Help > About shows 2024.3 or later. Opening a known-good DWFX file afterwards only checks that the update did not break file handling; it says nothing about the fix itself, and a crafted file must never be used as a test on a production host.
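The version rule above ("earlier than 2024.3 is vulnerable") is simple to state but easy to get wrong in an inventory script, because a plain string comparison sorts "2024.10" before "2024.3". The following is an added example, not Autodesk's code and not part of the advisory: it parses year-style version strings as shown in Help > About, classifies them against the fixed release named on this page, and treats release lines the page does not cover (for example 2025.x) as "unknown" rather than safe. The hostnames and versions in SAMPLE_INVENTORY are constructed for illustration.

```python
"""Version gate for CVE-2024-12199 in Autodesk Navisworks.

Added example; not Autodesk's code and not part of the advisory. It applies the
rule this page gives: any build earlier than 2024.3 is vulnerable, 2024.3 or
later on the 2024 line is fixed. Version strings are assumed to be in the
year-based form shown in Help > About ("2024.2", "2024.3.1"); the hosts and
versions in SAMPLE_INVENTORY are constructed.
"""
from __future__ import annotations

# First fixed update named in the "Official Fix" section of this page.
FIXED_VERSION = (2024, 3)


def parse_version(text: str) -> tuple[int, ...]:
    """Convert '2024.3' or '2024.3.1' to a tuple of ints for numeric comparison.

    Comparing the strings directly would sort '2024.10' before '2024.3' and
    misclassify a patched host, which is the usual bug in ad-hoc version gates.
    """
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 4 or not all(p.isdigit() for p in parts) or len(parts[0]) != 4:
        raise ValueError(f"unrecognised Navisworks version string: {text!r}")
    return tuple(int(p) for p in parts)


def assess(version: str) -> str:
    """Classify one version string as 'vulnerable', 'fixed' or 'unknown'.

    'unknown' is returned for release lines newer than the one this page
    covers (e.g. 2025.x); consult the vendor advisory for those rather than
    assuming they are safe.
    """
    v = parse_version(version)
    if v[0] > FIXED_VERSION[0]:
        return "unknown"
    return "vulnerable" if v < FIXED_VERSION else "fixed"


def is_vulnerable(version: str) -> bool:
    """True only for versions this page explicitly calls vulnerable (earlier than 2024.3)."""
    return assess(version) == "vulnerable"


# Constructed inventory: (hostname, version as reported by Help > About).
SAMPLE_INVENTORY = [
    ("ws-design-01", "2024.2"),
    ("ws-design-02", "2024.3"),
    ("ws-design-03", "2024.10"),  # a string compare would wrongly rank this below 2024.3
    ("ws-design-04", "2023.4"),
    ("ws-design-05", "2024"),     # base release, no update applied
    ("ws-design-06", "2025.1"),   # release line not covered by this page
]


def hosts_needing_action(inventory: list[tuple[str, str]]) -> list[tuple[str, str]]:
    """Return (host, status) for every host that is vulnerable or of unknown status.

    Unknown is treated as actionable on purpose: an inventory gate should fail
    closed and send the analyst to the advisory, not silently pass a host.
    """
    out = []
    for host, version in inventory:
        status = assess(version)
        if status != "fixed":
            out.append((host, status))
    return out


if __name__ == "__main__":
    for host, status in hosts_needing_action(SAMPLE_INVENTORY):
        print(f"{host}: {status}")
```

Feed it the version column from whatever collects Help > About or the installer's DisplayVersion; if your inventory tool reports an internal build number instead of the year-style string, map it to the product version first, since the parser rejects anything that does not start with a four-digit year.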

📡 Detection & Monitoring

Log Indicators:

  • Application Error events (Event ID 1000) whose faulting application is Roamer.exe, the Navisworks host process, especially when they follow the opening of a DWFX file received from outside
  • Windows Error Reporting events (Event ID 1001) and unexpected process termination for the same process

Network Indicators:

  • Downloads of DWFX files from untrusted sources
  • Unusual outbound connections from Navisworks process

SIEM Query (pseudo-syntax; adapt field names to your platform):

(EventID=1000 OR EventID=1001) AND (ProcessName="Roamer.exe" OR ProcessName="*navisworks*") AND (ExceptionCode="0xc0000005" OR ExceptionCode="0xc0000374")

The parentheses matter: without them EventID=1000 stands alone because AND binds tighter than OR, and the query returns every Application Error event on the host. Roamer.exe is the Navisworks host process name, so a match on "*navisworks*" alone only catches the install path, not the faulting application name. 0xc0000005 is an access violation; 0xc0000374 (heap corruption) is the other code an out-of-bounds write commonly produces.
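The SIEM query above is only as good as the field mapping behind it, and it is easy to check the logic against real event text before deploying it. Here is the same detection as an added example in Python, not from this page's author or from Autodesk: it parses the message body of Windows Application-log Event ID 1000 records (as exported by Event Viewer or Get-WinEvent), keeps the crashes where the faulting application is Navisworks and the exception code fits a memory-safety fault, and drops the managed-exception noise a large desktop application generates. Assumed: the host process is Roamer.exe and its install path contains "Navisworks"; the events in SAMPLE_EVENTS are constructed, and their version numbers, module names and report IDs are placeholders.

```python
"""Flag Navisworks crashes that look like crafted-file parsing faults.

Added example; not from this page's author or from Autodesk. Parses the
relevant lines of Windows Application-log Event ID 1000 message bodies and
keeps the ones worth an analyst's attention. Assumptions: the Navisworks host
process is Roamer.exe and its install path contains "Navisworks"; the
SAMPLE_EVENTS below are constructed, with placeholder versions and modules.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# 0xc0000005: STATUS_ACCESS_VIOLATION, 0xc0000374: STATUS_HEAP_CORRUPTION.
SUSPECT_CODES = {"0xc0000005", "0xc0000374"}

_FIELD_RE = re.compile(
    r"^(Faulting application name|Faulting module name|Exception code|"
    r"Faulting application path|Faulting module path):\s*(.*)$",
    re.MULTILINE,
)


@dataclass(frozen=True)
class Crash:
    app: str
    module: str
    code: str
    app_path: str
    module_path: str


def parse_event_1000(message: str) -> Crash:
    """Pull the fields we need out of an Event 1000 message body."""
    fields = {}
    for m in _FIELD_RE.finditer(message):
        key, value = m.group(1), m.group(2).strip()
        # "...name: Roamer.exe, version: 1.0.0.0, time stamp: 0x..." -> keep the name only
        if key.endswith("name"):
            value = value.split(",", 1)[0].strip()
        fields[key] = value
    return Crash(
        app=fields.get("Faulting application name", ""),
        module=fields.get("Faulting module name", ""),
        code=fields.get("Exception code", "").lower(),
        app_path=fields.get("Faulting application path", ""),
        module_path=fields.get("Faulting module path", ""),
    )


def is_navisworks(crash: Crash) -> bool:
    """Match the real process name; '*navisworks*' only ever appears in the path."""
    return crash.app.lower() == "roamer.exe" or "navisworks" in crash.app_path.lower()


def suspicious_crashes(messages: list[str]) -> list[Crash]:
    """Return Navisworks crashes whose exception code fits a memory-safety fault.

    Managed exceptions (0xe0434352) are left out on purpose: they are the
    usual background noise for a large desktop application.
    """
    crashes = (parse_event_1000(m) for m in messages)
    return [c for c in crashes if is_navisworks(c) and c.code in SUSPECT_CODES]


# Constructed Event 1000 message bodies (only the lines the parser needs).
SAMPLE_EVENTS = [
    # Navisworks, access violation in a parsing module: alert
    r"""Faulting application name: Roamer.exe, version: 1.0.0.0, time stamp: 0x00000000
Faulting module name: sample_parser.dll, version: 1.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Faulting application path: C:\Program Files\Autodesk\Navisworks Manage 2024\Roamer.exe
Faulting module path: C:\Program Files\Autodesk\Navisworks Manage 2024\sample_parser.dll
Report Id: 00000000-0000-0000-0000-000000000001""",
    # Navisworks, heap corruption: alert
    r"""Faulting application name: Roamer.exe, version: 1.0.0.0, time stamp: 0x00000000
Faulting module name: ntdll.dll, version: 10.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000374
Faulting application path: C:\Program Files\Autodesk\Navisworks Manage 2024\Roamer.exe
Faulting module path: C:\Windows\System32\ntdll.dll
Report Id: 00000000-0000-0000-0000-000000000002""",
    # Navisworks, .NET unhandled exception: noise, no alert
    r"""Faulting application name: Roamer.exe, version: 1.0.0.0, time stamp: 0x00000000
Faulting module name: KERNELBASE.dll, version: 10.0.0.0, time stamp: 0x00000000
Exception code: 0xe0434352
Faulting application path: C:\Program Files\Autodesk\Navisworks Manage 2024\Roamer.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: 00000000-0000-0000-0000-000000000003""",
    # Unrelated process, access violation: no alert
    r"""Faulting application name: notepad.exe, version: 10.0.0.0, time stamp: 0x00000000
Faulting module name: notepad.exe, version: 10.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Faulting application path: C:\Windows\System32\notepad.exe
Faulting module path: C:\Windows\System32\notepad.exe
Report Id: 00000000-0000-0000-0000-000000000004""",
]


if __name__ == "__main__":
    for c in suspicious_crashes(SAMPLE_EVENTS):
        print(f"{c.app} faulted in {c.module} with {c.code} ({c.app_path})")
```

Event ID 1001 (Windows Error Reporting) carries the same crash in a different field layout, so it needs its own parser if you want both; in practice Event 1000 alone is enough to surface a DWFX-triggered fault, and the faulting module and offset it records are what you would hand to the vendor or use to cluster repeated crashes across hosts.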

🔗 References

  • Autodesk security advisory ADSK-SA-2024-0027: https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0027
  • NVD entry for CVE-2024-12199: https://nvd.nist.gov/vuln/detail/CVE-2024-12199