CVE-2024-9500

Summary

A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management.

Affected Software

VendorProductVersion RangeStatus
AutodeskInstaller2.10.0.17 < 2.10.0.20affected

Weaknesses

  • CWE-379: CWE-379 Creation of Temporary File in Directory with Insecure Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References