Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:
CYBER ALERT
Home / CYBER ALERT
/
Updates for Autodesk Products (AL04/241030/CSIRT-ITA)

Updates for Autodesk Products (AL04/241030/CSIRT-ITA)

Summary

Autodesk Inc. resolves 22 high severity security vulnerabilities affecting AutoCAD, Civil 3D, Advance Steel, and DWG TrueView products. These vulnerabilities, if exploited, could allow arbitrary code to be executed on affected systems, access sensitive data, and/or cause a user’s software or device to become unavailable.

Risk

Vulnerability community impact estimate: MEDIUM/YELLOW (63.84/100)1.

Type

  • Arbitrary Code Execution
  • Denial of Service
  • Arbitrary File Write/Read
  • Information Disclosure
  • Security Restrictions Bypass

Affected products and/or versions

Autodesk

  • AutoCAD 2024, versions prior to 2024.1.6
  • AutoCAD Architecture 2024, versions prior to 2024.1.6
  • AutoCAD Electrical 2024, versions prior to 2024.1.6
  • AutoCAD Mechanical 2024, versions prior to 2024.1.6
  • AutoCAD MEP 2024, versions prior to 2024.1.6
  • AutoCAD Plant 3D 2024, versions prior to 2024.1.6
  • Civil 3D 2024, versions prior to 2024.1.6
  • Advance Steel 2024, versions prior to 2024.1.6
  • AutoCAD 2025, versions prior to 2025.1.1
  • AutoCAD Architecture 2025, versions prior to 2025.1.1
  • AutoCAD Electrical 2025, prior to 2025.1.1
  • AutoCAD Mechanical 2025, prior to 2025.1.1
  • AutoCAD MEP 2025, prior to 2025.1.1
  • AutoCAD Plant 3D 2025, prior to 2025.1.1
  • AutoCAD LT 2025, prior to 2025.1.1
  • Civil 3D 2025, prior to 2025.1.1
  • Advance Steel 2025, prior to 2025.1.1
  • DWG TrueView 2025, prior to 2025.1.1

Mitigation Actions

In line with vendor statements, it is recommended that vulnerable products be updated according to the security bulletins listed in the section References.

Unique Vulnerability Identifiers

CVE-2024-8587

CVE-2024-8588

CVE-2024-8589

CVE-2024-8590

CVE-2024-8591

CVE-2024-8593

CVE-2024-8594

CVE-2024-8595

CVE-2024-8596

CVE-2024-8597

CVE-2024-8598

CVE-2024-8599

CVE-2024-8600

CVE-2024-9826

CVE-2024-9827

CVE-2024-7991

CVE-2024-7992

CVE-2024-8896

CVE-2024-9489

CVE-2024-9996

CVE-2024-9997

CVE-2024-8592

References

https://www.autodesk.com/trust/security-advisories

https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0019

https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0020

https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0021

1This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.

Recommended to you

Search in 365TRUST

Our services