Home » IT Security: Windows is underneath risk – Warning about new IT safety hole in Autodesk AutoCAD

IT Security: Windows is underneath risk – Warning about new IT safety hole in Autodesk AutoCAD

by admin
IT Security: Windows is underneath risk – Warning about new IT safety hole in Autodesk AutoCAD

There is a present BSI safety alert for Autodesk AutoCAD. Several dangers have been recognized. You can discover out right here what threatens the IT safety of Windows methods, how excessive the danger is and what involved customers ought to take note of.

Federal workplace for Security in Information Technology (BSI) reported a safety advisory for Autodesk AutoCAD on June 2nd, 2024. The report lists a number of vulnerabilities that may very well be exploited by attackers. The safety vulnerability impacts the Windows working system and the Autodesk AutoCAD product.

The newest producer suggestions for updates, workarounds and safety patches for this vulnerability may be discovered right here: Autodesk Trust Center Security Advisory (Stop: 02.06.2024).

Many vulnerabilities have been reported for Autodesk AutoCAD – Risk: High

Risk degree: 4 (excessive)
CVSS Base Score: 8.8
CVSS provisional rating: 7,7
Remote management: Ja

The Common Vulnerability Scoring System (CVSS) is used to evaluate the severity of vulnerabilities in laptop methods. The CVSS normal makes it doable to check potential or precise safety dangers primarily based on varied standards to create a precedence listing for countermeasures. The attributes “none”, “low”, “medium”, “excessive” and “extreme” are used to find out the severity ranges of vulnerability. The Base Score evaluates the necessities of an assault (together with authentication, complexity, privileges, person interplay) and its outcomes. For momentary impact, body circumstances that will change over time are thought-about within the take a look at. The danger of the vulnerability talked about right here is assessed as “excessive” based on the CVSS with a base rating of 8.8.

See also  GitLab: Warning of new IT security vulnerability

Autodesk AutoCAD Bug: Summary of recognized vulnerabilities

AutoCAD is a part of Autodesk’s CAD (Computer Aided Design) product line.

A distant, unknown attacker may exploit a number of vulnerabilities in Autodesk AutoCAD to execute malicious code, trigger a denial of service, and compromise recordsdata.

Vulnerabilities are recognized by distinctive CVE (Common Vulnerabilities and Exposures) numbers. CVE-2024-23140, CVE-2024-23141, CVE-2024-23142, CVE-2024-23143, CVE-2024-23144, CVE-2024-23145, CVE-2024-23-23142, CVE-23142 2024-23148 , CVE-2024-23149, CVE-2024-37000, CVE-2024-37001, CVE-2024-37002, CVE-2024-37003, CVE-2024-370020 und4 on the market.

Systems affected by the safety hole at a look

working system
Windows

Products
Autodesk AutoCAD

Common steps to handle IT safety gaps

  1. Users of the affected apps ought to keep up-to-date. When safety holes are recognized, producers are required to repair them shortly by growing a patch or workaround. When new safety updates can be found, set up them instantly.
  2. For data, see the sources listed within the subsequent part. This typically accommodates further details about the most recent model of the software program in query and the supply of safety patches or efficiency suggestions.
  3. If you might have any additional questions or uncertainties, please contact your accountable administrator. IT safety managers ought to recurrently test the required sources to see if a brand new safety replace is obtainable.

Manufacturer details about updates, patches and workarounds

Here you will see that some hyperlinks with details about bug studies, safety fixes and workarounds.

Autodesk Trust Center Security Advisory Vom 2024-06-02 (02.06.2024)
For extra data, see:

Version historical past of this safety alert

This is the primary model of this IT safety discover for Autodesk AutoCAD. This doc might be up to date as updates are introduced. You can see the modifications made utilizing the model historical past beneath.

See also  Soulslike highlights in the current Humble Bundle

June 2, 2024 – First model

+++ Editorial observe: This doc is predicated on present BSI knowledge and might be up to date in a data-driven method relying on the standing of the alert. We welcome suggestions and feedback at [email protected]. +++

comply with News.de you might be right here Facebook, Twitter, Pinterest once more YouTube? Here you will see that scorching information, present movies and a direct line to the editorial crew.

kns/roj/information.de

You may also like

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Privacy & Cookies Policy