exploitDog

CVE-2023-29069

Опубликовано: 22 нояб. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

A maliciously crafted DLL file can be forced to install onto a non-default location, and attacker can overwrite parts of the product with malicious DLLs. These files may then have elevated privileges leading to a Privilege Escalation vulnerability.

Ссылки

https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0013
Vendor Advisory
https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0013
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:autodesk:desktop_connector:*:*:*:*:*:*:*:*

Версия до 16.2.1.2016 (включая)

EPSS

Процентиль: 74%

0.008

Низкий

7.8 High

CVSS3

Дефекты

CWE-427

Связанные уязвимости

GHSA-rg8p-2vxf-qwr4

CVSS3: 7.8

github

около 2 лет назад

A maliciously crafted DLL file can be forced to install onto a non-default location, and attacker can overwrite parts of the product with malicious DLLs. These files may then have elevated privileges leading to a Privilege Escalation vulnerability.

EPSS

Процентиль: 74%

0.008

Низкий

7.8 High

CVSS3

Дефекты

CWE-427