Alert!

Security update: Malicious code attacks on Autodesk AutoCAD possible

The CAD software Advance Steel, Civil 3D and AutoCAD from Autodesk are vulnerable. The security risk is considered high.

(Image: AFANASEV IVAN/Shutterstock.com)

Jun 3, 2024 at 3:14 pm CEST

1 min. read

Security

By

Dennis Schirrmacher

This article was originally published in German and has been automatically translated.

Attackers can target Autodesk Advance Steel, Civil 3D and AutoCAD and attack systems with malicious code. The developers have closed a total of 26 security vulnerabilities in updated versions. The provider of the applications advises users to update quickly.

Victims must play along

If attackers successfully exploit the vulnerabilities, they can execute malicious code and completely compromise computers. Overall, the threat level is "high".

In all cases, attackers have to plant prepared files (such as X_B or CARPTODUCT) on victims. If a victim falls for this and opens the file, this leads to a memory error (out-of-bounds write), allowing attackers to execute their own code.

In a warning message, Autodeskstates that it has resolved the security issues in the 2024.1.4 release. So far, there are no reports of ongoing attacks.

(des)

Back to top

Alle Angebote

Newsletter heise-Bot Push Push-Nachrichten

${intro} ${title}

${intro} ${title}

Security update: Malicious code attacks on Autodesk AutoCAD possible

Victims must play along

Spiele

1 Monat gratis lesen.Jetzt 1 Monat gratis lesen.

Das digitale Abo für IT und Technik.