CVE-2024-12669

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 17, 2024

CWE ID 122

Summary

CVE-2024-12669 is a newly disclosed cybersecurity vulnerability that affects Autodesk Navisworks software. Maliciously crafted DWFX files can cause a Heap-based Overflow issue when parsed by the software. An attacker can exploit this vulnerability to induce a crash, extract sensitive data, or run arbitrary code within the current process. This vulnerability poses a significant threat to organizations utilizing Autodesk Navisworks and requires immediate attention and patching.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Autodesk Navisworks Simulate
Navisworks Freedom
Navisworks Manage

Affected Vendors

Autodesk

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/1sH04R
https://www.cve.org/CVERecord?id=CVE-2024-12669
https://nvd.nist.gov/vuln/detail/CVE-2024-12669

Back to Vulnerability Database