CVE-2024-3298

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Apr 4, 2024

CWE ID 918

Summary

CVE-2024-3298 is a newly identified vulnerability affecting eDrawings from SOLIDWORKS 2023 to 2024. This issue encompasses both Out-Of-Bounds Write and Type Confusion vulnerabilities that can be exploited when opening a maliciously crafted DWG or DXF file. An attacker could leverage these weaknesses to execute arbitrary code, potentially leading to serious security consequences. Notably, this vulnerability was recently separated from CVE-2024-1847.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Microsoft SharePoint Server

Affected Vendors

Microsoft

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/vjRIqs
https://www.cve.org/CVERecord?id=CVE-2024-3298
https://nvd.nist.gov/vuln/detail/CVE-2024-3298

Back to Vulnerability Database