CVE-2025-5335

Summary

A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the Autodesk Installer application. Exploitation of this vulnerability may lead to code execution.

Affected Software

VendorProductVersion RangeStatus
AutodeskInstaller2.13 < 2.15affected

Weaknesses

  • CWE-426: CWE-426 Untrusted Search Path

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References