CVE-2024-23157 is a memory corruption vulnerability classified under CWE-787 (Out-of-bounds Write) affecting Autodesk AutoCAD versions 2022, 2023, 2024, and 2025. The flaw exists in the ODXSW_DLL.dll module, which is responsible for parsing SLDASM and SLDPRT file formats used in AutoCAD for 3D assembly and part files. When a specially crafted malicious file is opened or processed, the parsing logic performs an out-of-bounds write operation, causing memory corruption. This corruption can be leveraged by attackers to execute arbitrary code within the AutoCAD process context. The vulnerability requires local access to the system and user interaction to open or process the malicious file, but no prior authentication or elevated privileges are necessary. The CVSS v3.1 base score is 7.8, reflecting high impact on confidentiality, integrity, and availability, with an attack vector classified as local (AV:L), low attack complexity (AC:L), no privileges required (PR:N), and user interaction required (UI:R). Although no public exploits are known at this time, the potential for code execution makes this a critical concern for organizations relying on AutoCAD for design and engineering workflows. The vulnerability underscores the risks associated with handling untrusted CAD files and the importance of secure file processing in design software.

For European organizations, especially those in manufacturing, architecture, engineering, and construction sectors, this vulnerability could lead to severe consequences. Successful exploitation allows attackers to execute arbitrary code, potentially leading to theft or manipulation of sensitive design data, disruption of design workflows, and compromise of intellectual property. This could result in financial losses, reputational damage, and operational downtime. Given AutoCAD's widespread use in Europe, particularly in countries with strong industrial and engineering sectors, the risk is significant. Additionally, compromised systems could be used as pivot points for further network intrusion, increasing the overall threat landscape. The requirement for user interaction means social engineering or phishing campaigns could be leveraged to deliver malicious files, increasing the attack surface. The high impact on confidentiality, integrity, and availability makes this vulnerability a critical concern for protecting sensitive CAD data and maintaining business continuity.

1. Apply official patches from Autodesk as soon as they are released to address CVE-2024-23157. 2. Until patches are available, restrict the opening of SLDASM and SLDPRT files from untrusted or unknown sources. 3. Implement strict file validation and sandboxing mechanisms for CAD files to detect and isolate potentially malicious content. 4. Employ application whitelisting to limit execution of unauthorized binaries and DLLs within AutoCAD environments. 5. Educate users on the risks of opening unsolicited or unexpected CAD files, emphasizing caution with email attachments and downloads. 6. Monitor network and endpoint logs for unusual AutoCAD process behavior or file access patterns indicative of exploitation attempts. 7. Use endpoint detection and response (EDR) tools to detect memory corruption or code injection attempts related to AutoCAD processes. 8. Limit local user privileges to reduce the impact of potential exploitation. 9. Maintain regular backups of critical design files and system states to enable recovery in case of compromise.