CVE-2024-36999

7.8 HIGH

📋 TL;DR

This vulnerability allows an attacker to execute arbitrary code or cause a denial-of-service by tricking a user into opening a malicious 3DM file in affected Autodesk applications. It affects users of Autodesk software that uses the opennurbs.dll library for parsing 3DM files. Exploitation requires user interaction, such as opening a crafted file.

💻 Affected Systems

Products:
  • Autodesk applications using opennurbs.dll for 3DM file parsing, such as AutoCAD, Fusion 360, and other 3D design tools
Versions: Specific versions are detailed in the vendor advisory; generally, versions prior to the patched release are affected.
Operating Systems: Windows, macOS, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability is present in default installations when processing 3DM files; exact product list may vary based on Autodesk's advisory.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker gains full control of the system by executing arbitrary code in the context of the current user, potentially leading to data theft, ransomware deployment, or further network compromise.

🟠 Likely Case

An attacker causes a crash (denial-of-service) or exposes sensitive data from memory, disrupting workflows or leaking information.

🟢 If Mitigated

With proper controls like restricted file handling and user awareness, impact is limited to isolated crashes or minimal data exposure.

🌐 Internet-Facing: LOW, as exploitation typically requires local file access or user interaction with malicious files, not direct internet exposure.
🏢 Internal Only: MEDIUM, due to the potential for internal users to inadvertently open malicious files via email or shared drives, leading to lateral movement or data breaches.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open a malicious file; no public proof-of-concept is known, but the vulnerability is rated with a high CVSS score indicating significant risk.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Refer to Autodesk advisory for specific patched versions per product.

Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0010

Restart Required: Yes

Instructions:

1. Visit the Autodesk advisory URL.
2. Identify affected products and versions.
3. Download and install the latest updates from Autodesk's official channels.
4. Restart the application or system as required.

🔧 Temporary Workarounds

Restrict 3DM file handling (all platforms)

Block or limit the opening of 3DM files from untrusted sources to reduce attack surface.

Use application sandboxing (all platforms)

Run Autodesk applications in isolated environments to contain potential exploits.

🧯 If You Can't Patch

  • Implement strict user training to avoid opening 3DM files from unknown or untrusted sources.
  • Deploy endpoint detection and response (EDR) tools to monitor for suspicious file execution and memory corruption events.

🔍 How to Verify

Check if Vulnerable:

Check the version of the Autodesk application and compare it against the patched versions listed in the vendor advisory.

Check Version:

On Windows: Check via 'About' in the application or use system information tools; command varies by product.

Verify Fix Applied:

Confirm that the application version matches or exceeds the patched version specified by Autodesk.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes related to opennurbs.dll
  • Unexpected file parsing errors in Autodesk application logs

Network Indicators:

  • Unusual outbound connections after opening a 3DM file

SIEM Query:

Example: 'event_source:"Autodesk Application" AND (event_type:"Crash" OR file_extension:".3dm")'
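As an added example that is not part of this advisory, the two log indicators above (opennurbs.dll crashes and .3dm parsing errors) can be correlated per host so that both occurring close together raise a higher-severity alert. The log line format, field names and sample events are constructed assumptions, not real telemetry.

```python
import re
from datetime import datetime, timedelta

# Constructed sample events (not real telemetry): Windows-style crash records
# and Autodesk application log lines, mimicking the indicators listed above.
SAMPLE_LOG = """\
2024-06-03T09:12:01 host=ws17 source=Application msg="Faulting application name: acad.exe, Faulting module name: opennurbs.dll"
2024-06-03T09:11:40 host=ws17 source=Autodesk Application msg="Failed to parse file C:\\Users\\bob\\Downloads\\quote.3dm"
2024-06-03T10:05:22 host=ws02 source=Application msg="Faulting application name: notepad.exe, Faulting module name: ntdll.dll"
2024-06-03T11:30:00 host=ws05 source=Autodesk Application msg="Opened file C:\\Projects\\part.3dm"
"""

# Assumed line layout: ISO timestamp, host=, source=, msg="..." (no embedded quotes).
LINE_RE = re.compile(r'^(?P<ts>\S+) host=(?P<host>\S+) source=(?P<source>.+?) msg="(?P<msg>.*)"$')

def parse(log):
    """Parse log text into dicts with a datetime timestamp; skip malformed lines."""
    events = []
    for line in log.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        d = m.groupdict()
        d["ts"] = datetime.fromisoformat(d["ts"])
        events.append(d)
    return events

def classify(ev):
    """Map an event to one of the page's indicators, or None if it matches neither."""
    msg = ev["msg"].lower()
    if "faulting module name: opennurbs.dll" in msg:
        return "crash"
    if ".3dm" in msg and ("fail" in msg or "error" in msg):
        return "parse_error"
    return None  # e.g. a normal 3DM open, or a crash in an unrelated module

def detect(log, window=timedelta(minutes=5)):
    """Return {host: {"indicators": [...], "severity": ...}} for hosts with any hit;
    severity is 'high' when a crash and a parse error fall within `window`."""
    by_host = {}
    for ev in parse(log):
        kind = classify(ev)
        if kind:
            by_host.setdefault(ev["host"], []).append((ev["ts"], kind))
    alerts = {}
    for host, evs in by_host.items():
        crashes = [t for t, k in evs if k == "crash"]
        errors = [t for t, k in evs if k == "parse_error"]
        sev = "high" if any(abs(c - e) <= window for c in crashes for e in errors) else "medium"
        alerts[host] = {"indicators": sorted({k for _, k in evs}), "severity": sev}
    return alerts
```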

🔗 References
