exploitDog

CVE-2024-7995

Опубликовано: 05 нояб. 2024

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the VRED Design application. Exploitation of this vulnerability may lead to code execution.

Ссылки

https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0022

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:autodesk:vred:*:*:*:*:design:*:*:*

Версия от 2025 (включая) до 2025.2 (исключая)

EPSS

Процентиль: 38%

0.00163

Низкий

7.8 High

CVSS3

Дефекты

CWE-426

Связанные уязвимости

GHSA-9hqw-38w2-29xc

CVSS3: 7.8

github

больше 1 года назад

A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the VRED Design application. Exploitation of this vulnerability may lead to code execution.

EPSS

Процентиль: 38%

0.00163

Низкий

7.8 High

CVSS3

Дефекты

CWE-426