CVE-2024-7991 – This vulnerability allows attackers to execute ... (How to Fix)

Q: What is the severity of CVE-2024-7991?

CVE-2024-7991 has a CVSS score of 7.8 (HIGH). This vulnerability allows attackers to execute arbitrary code by tricking users into opening malicious DWG files in Autodesk AutoCAD. It affects AutoCAD and AutoCAD-based products, potentially giving attackers full control over the affected system. Users who open untrusted DWG files are at risk.

📋 TL;DR

This vulnerability allows attackers to execute arbitrary code by tricking users into opening malicious DWG files in Autodesk AutoCAD. It affects AutoCAD and AutoCAD-based products, potentially giving attackers full control over the affected system. Users who open untrusted DWG files are at risk.

💻 Affected Systems

Products:

Autodesk AutoCAD
AutoCAD-based products

Versions: Specific versions listed in Autodesk advisory ADSK-SA-2024-0021

Operating Systems: Windows, macOS

Default Config Vulnerable: ⚠️ Yes

Notes: All default installations that process DWG files are vulnerable. Check Autodesk advisory for exact affected versions.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, data theft, or ransomware deployment.

🟠

Likely Case

Application crash or limited data corruption from malicious files, with potential for targeted attacks against specific organizations.

🟢

If Mitigated

Application crash with no data loss if proper file validation and user awareness controls are implemented.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires user interaction (opening malicious file). No public exploit code available at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions specified in Autodesk advisory ADSK-SA-2024-0021

Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021

Restart Required: Yes

Instructions:

1. Visit Autodesk Trust Center. 2. Download latest security update for your AutoCAD version. 3. Install update. 4. Restart AutoCAD application.

🔧 Temporary Workarounds

Restrict DWG file handling

windows

Configure AutoCAD to only open DWG files from trusted sources using application whitelisting

User awareness training

all

Train users to only open DWG files from trusted sources and verify file integrity

🧯 If You Can't Patch

Implement application whitelisting to restrict AutoCAD execution to trusted locations only
Deploy email/web filtering to block malicious DWG attachments and downloads

🔍 How to Verify

Check if Vulnerable:

Check AutoCAD version against affected versions in Autodesk advisory ADSK-SA-2024-0021

Check Version:

In AutoCAD: Type 'ABOUT' command or check Help > About AutoCAD

Verify Fix Applied:

Verify AutoCAD version is updated to patched version specified in advisory

📡 Detection & Monitoring

Log Indicators:

AutoCAD crash logs with memory access violations
Unexpected process termination events

Network Indicators:

Unusual outbound connections from AutoCAD process
File downloads of DWG files from untrusted sources

SIEM Query:

Process:AutoCAD.exe AND (EventID:1000 OR EventID:1001) AND ExceptionCode:c0000005

📊 Metadata

CVE ID: CVE-2024-7991

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-787

Published: October 29, 2024

Last Updated: April 11, 2025

🔗 References

https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-7991, you might also want to check these: