CVE-2024-3298
📋 TL;DR
CVE-2024-3298 allows attackers to execute arbitrary code by exploiting out-of-bounds write and type confusion vulnerabilities in eDrawings when opening malicious DWG or DXF files. This affects SOLIDWORKS users running eDrawings from Release 2023 through Release 2024. Successful exploitation could lead to complete system compromise.
💻 Affected Systems
- SOLIDWORKS eDrawings
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system takeover with attacker gaining full control of the affected machine, enabling data theft, ransomware deployment, or lateral movement within the network.
Likely Case
Malicious code execution in the context of the current user, allowing file system access, credential harvesting, and installation of persistent backdoors.
If Mitigated
Limited impact with proper application sandboxing and user privilege restrictions, potentially containing the exploit to the application context.
🎯 Exploit Status
Exploitation requires user interaction to open a malicious file. No public exploit code is currently available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Dassault Systèmes advisory for specific patched versions
Vendor Advisory: https://www.3ds.com/vulnerability/advisories
Restart Required: Yes
Instructions:
1. Visit the Dassault Systèmes vulnerability advisory page. 2. Download and install the latest eDrawings update for your SOLIDWORKS version. 3. Restart the application and system as required.
🔧 Temporary Workarounds
Disable automatic file opening
windowsPrevent automatic opening of DWG/DXF files in eDrawings
Configure Windows file associations to open DWG/DXF files with alternative software
User awareness training
allTrain users to only open trusted DWG/DXF files
🧯 If You Can't Patch
- Restrict user permissions to limit potential damage from code execution
- Implement application whitelisting to prevent unauthorized executables from running
🔍 How to Verify
Check if Vulnerable:
Check eDrawings version in Help > About. If version falls within SOLIDWORKS 2023-2024 range, system is vulnerable.Check Version:
In eDrawings: Help > About eDrawingsVerify Fix Applied:
Verify eDrawings version is updated beyond vulnerable releases and test opening known safe DWG/DXF files.📡 Detection & Monitoring
Log Indicators:
- Unexpected eDrawings crashes
- Suspicious child processes spawned from eDrawings
- Unusual file access patterns from eDrawings process
Network Indicators:
- Unexpected outbound connections from eDrawings process
- DNS requests to suspicious domains following file opening
SIEM Query:
Process Creation where Parent Process Name contains 'eDrawings' AND (Command Line contains '.dwg' OR Command Line contains '.dxf')