CVE-2023-27908

Summary

A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk installer when parsing the DLL files and could lead to a Privilege Escalation vulnerability.

Affected Software

VendorProductVersion RangeStatus
n/aAutodesk installer1.29.0.90 or later, included with 2023 and 2024 product installsaffected

Weaknesses

  • Privilege Escalation vulnerability.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References