CVE-2024-7670 Information

Description

A maliciously crafted DWFX file when parsed in w3dtk.dll through Autodesk Navisworks can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash read sensitive data or execute arbitrary code in the context of the current process.

Reference

https://autodesk.com/trust/security-advisories/adsk-sa-2024-0015