CVE-2024-12194

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 17, 2024

CWE ID 120

Summary

CVE-2024-12194 is a newly disclosed vulnerability that affects Autodesk Navisworks. Maliciously crafted DWFX files can trigger a Memory Corruption issue in the software. An attacker can exploit this vulnerability by supplying a specially designed DWFX file, causing arbitrary code execution within the context of the current process. This can potentially lead to significant security risks, including data theft, unauthorized system access, or further exploitation. Users are strongly advised to update their Autodesk Navisworks installations as soon as a patch becomes available to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/1P13Nm
https://www.cve.org/CVERecord?id=CVE-2024-12194
https://nvd.nist.gov/vuln/detail/CVE-2024-12194

Back to Vulnerability Database

CVE-2024-12194

CVSS 3.1 Score 7.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations