CVE-2024-23144

Q: What is the severity of CVE-2024-23144?

CVE-2024-23144 has a CVSS score of 7.8 (HIGH). This vulnerability allows attackers to execute arbitrary code on AutoCAD systems by tricking users into opening malicious CATPART files. It affects AutoCAD users who process CATPART files through vulnerable CC5Dll.dll and ASMBASE228A.dll components. Successful exploitation gives attackers the same privileges as the current AutoCAD process.

7.8 HIGH

📋 TL;DR

This vulnerability allows attackers to execute arbitrary code on AutoCAD systems by tricking users into opening malicious CATPART files. It affects AutoCAD users who process CATPART files through vulnerable CC5Dll.dll and ASMBASE228A.dll components. Successful exploitation gives attackers the same privileges as the current AutoCAD process.

💻 Affected Systems

Products:

Autodesk AutoCAD

Versions: Specific versions not detailed in advisory, but affects versions using vulnerable CC5Dll.dll and ASMBASE228A.dll components

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Vulnerability triggers when processing CATPART files through the affected DLLs. All AutoCAD installations with these components are vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full system compromise with attacker gaining the same privileges as the AutoCAD user, potentially leading to lateral movement, data theft, or ransomware deployment.

🟠

Likely Case

Local privilege escalation leading to data corruption, system crashes, or limited code execution within the AutoCAD process context.

🟢

If Mitigated

Denial of service through application crashes if exploit attempts are blocked but still trigger the vulnerability.

🌐 Internet-Facing: LOW - Requires user interaction to open malicious files, not directly exploitable over network.

🏢 Internal Only: MEDIUM - Internal users could be tricked via phishing or shared drives, but requires user interaction.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires user interaction to open malicious file. Exploit development requires understanding of CATPART file format and memory corruption techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in advisory - refer to Autodesk security update

Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009

Restart Required: Yes

Instructions:

1. Open AutoCAD
2. Navigate to Help > About > Product Information
3. Check for updates
4. Apply available security updates
5. Restart AutoCAD

🔧 Temporary Workarounds

Block CATPART file processing

windows

Prevent AutoCAD from processing CATPART files by modifying file associations or using application control

assoc .catpart=
ftype catpartfile=

Restrict file access

windows

Use group policy or application whitelisting to block execution of CATPART files

🧯 If You Can't Patch

Implement strict email filtering to block CATPART attachments
Educate users to never open CATPART files from untrusted sources

🔍 How to Verify

Check if Vulnerable:

Check if AutoCAD is installed and can open CATPART files. Review version against Autodesk advisory.

Check Version:

In AutoCAD: Help > About > Product Information

Verify Fix Applied:

Verify AutoCAD version is updated per Autodesk advisory and test with known safe CATPART file.

📡 Detection & Monitoring

Log Indicators:

AutoCAD crash logs with CC5Dll.dll or ASMBASE228A.dll errors
Windows Application logs showing AutoCAD crashes

Network Indicators:

Unusual outbound connections after opening CAD files
File downloads of CATPART files from untrusted sources

SIEM Query:

EventID=1000 OR EventID=1001 AND ProcessName="acad.exe" AND (ModuleName="CC5Dll.dll" OR ModuleName="ASMBASE228A.dll")

📊 Metadata

CVE ID: CVE-2024-23144

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-787

Published: June 25, 2024

Last Updated: November 14, 2025

🔗 References

https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 Vendor Advisory
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Advance Steel by Autodesk

Advance Steel by Autodesk

Advance Steel by Autodesk

Advance Steel by Autodesk

Autocad by Autodesk

Autocad by Autodesk

Autocad by Autodesk

Autocad by Autodesk

Autocad Architecture by Autodesk

Autocad Architecture by Autodesk

Autocad Architecture by Autodesk

Autocad Architecture by Autodesk

Autocad Electrical by Autodesk

Autocad Electrical by Autodesk

Autocad Electrical by Autodesk

Autocad Electrical by Autodesk

Autocad Map 3d by Autodesk

Autocad Map 3d by Autodesk

Autocad Map 3d by Autodesk

Autocad Map 3d by Autodesk

Autocad Mechanical by Autodesk

Autocad Mechanical by Autodesk

Autocad Mechanical by Autodesk

Autocad Mechanical by Autodesk

Autocad Mep by Autodesk

Autocad Mep by Autodesk

Autocad Mep by Autodesk

Autocad Mep by Autodesk

Autocad Plant 3d by Autodesk

Autocad Plant 3d by Autodesk

Autocad Plant 3d by Autodesk

Autocad Plant 3d by Autodesk

Civil 3d by Autodesk

Civil 3d by Autodesk

Civil 3d by Autodesk

Civil 3d by Autodesk

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Block CATPART file processing

Restrict file access

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities