CVE-2024-8590

7.8 HIGH

📋 TL;DR

This CVE describes a use-after-free vulnerability in Autodesk AutoCAD's 3DM file parser. Attackers can exploit this by tricking users into opening malicious 3DM files, potentially leading to arbitrary code execution. All AutoCAD users who process untrusted 3DM files are affected.

💻 Affected Systems

Products:
  • Autodesk AutoCAD
Versions: Multiple versions prior to the patched release
Operating Systems: Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in atf_api.dll when parsing 3DM files. All default AutoCAD installations that can open 3DM files are vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise through arbitrary code execution with the privileges of the AutoCAD process, potentially leading to data theft, ransomware deployment, or lateral movement.

🟠 Likely Case

Application crashes and denial of service when processing malicious files, with potential for limited data exposure or code execution in targeted attacks.

🟢 If Mitigated

Minimal impact with proper network segmentation, application sandboxing, and user training preventing malicious file execution.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open a malicious file. No public exploit code is currently available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Autodesk Security Advisory ADSK-SA-2024-0019 for specific patched versions

Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019

Restart Required: Yes

Instructions:

1. Open Autodesk Desktop App or Autodesk Account
2. Check for available updates
3. Install the latest AutoCAD update
4. Restart AutoCAD and verify the update

🔧 Temporary Workarounds

Disable 3DM file association (Windows)

Prevent AutoCAD from automatically opening 3DM files by changing file associations

Implement application control (Windows)

Use Windows AppLocker or similar to restrict execution of AutoCAD to trusted locations only

🧯 If You Can't Patch

  • Implement network segmentation to isolate AutoCAD workstations from critical systems
  • Train users to never open 3DM files from untrusted sources and implement email filtering for suspicious attachments

🔍 How to Verify

Check if Vulnerable:

Check AutoCAD version against affected versions listed in Autodesk Security Advisory ADSK-SA-2024-0019

Check Version:

In AutoCAD: Type 'ABOUT' command or check Help > About AutoCAD

Verify Fix Applied:

Verify AutoCAD version is updated to patched version specified in the advisory

📡 Detection & Monitoring

Log Indicators:

  • Application crashes of AutoCAD with atf_api.dll in stack trace
  • Unexpected 3DM file processing from unusual sources

Network Indicators:

  • Downloads of 3DM files from external sources to AutoCAD workstations

SIEM Query:

(EventID=1000 OR EventID=1001) AND ProcessName='acad.exe' AND FaultModuleName='atf_api.dll'
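The same crash hunt run directly against a workstation's Application event log, as an added example that is not part of the advisory: Application Error (1000) and Windows Error Reporting (1001) events record the faulting process and module in their message text, so the script keeps only AutoCAD crashes that fault in atf_api.dll and tallies them per day so a cluster of crashes stands out from a one-off. The seven-day window is an assumption; adjust it to your retention.

```powershell
# Added example: hunt for acad.exe crashes faulting in atf_api.dll (CVE-2024-8590 indicator).
# Assumes local or remote Application log access; run as an administrator or event-log reader.
function Get-AutoCadAtfCrashes {
    param(
        [int]$Days = 7,                     # assumed look-back window
        [string]$ComputerName = $env:COMPUTERNAME
    )

    $filter = @{
        LogName   = 'Application'
        Id        = 1000, 1001                # 1000 = Application Error, 1001 = WER report
        StartTime = (Get-Date).AddDays(-$Days)
    }

    Get-WinEvent -ComputerName $ComputerName -FilterHashtable $filter -ErrorAction SilentlyContinue |
        # Both event types name the faulting process and the faulting module in the message body.
        Where-Object { $_.Message -match '(?i)acad\.exe' -and $_.Message -match '(?i)atf_api\.dll' } |
        ForEach-Object {
            [pscustomobject]@{
                Computer    = $ComputerName
                TimeCreated = $_.TimeCreated
                EventId     = $_.Id
                Provider    = $_.ProviderName
                # First message line carries the faulting application/module summary.
                Summary     = ($_.Message -split "`r?`n")[0].Trim()
            }
        }
}

# Per-day counts: repeated atf_api.dll faults on one host in a short window deserve a look
# at which 3DM files were opened and where they came from.
$crashes = Get-AutoCadAtfCrashes -Days 7
$crashes |
    Group-Object { $_.TimeCreated.ToString('yyyy-MM-dd') } |
    Sort-Object Name |
    Select-Object @{n='Day';e={$_.Name}}, Count |
    Format-Table -AutoSize

$crashes | Sort-Object TimeCreated -Descending | Format-Table -AutoSize
```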
