exploitDog

CVE-2024-9500

Опубликовано: 15 нояб. 2024

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management.

Ссылки

https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0023
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:autodesk:installer:*:*:*:*:*:*:*:*

Версия до 2.10.0.20 (исключая)

EPSS

Процентиль: 71%

0.00696

Низкий

7.8 High

CVSS3

Дефекты

CWE-379

NVD-CWE-noinfo

Связанные уязвимости

GHSA-87wv-cch6-jjh9

CVSS3: 7.2

github

около 1 года назад

A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management.

EPSS

Процентиль: 71%

0.00696

Низкий

7.8 High

CVSS3

Дефекты

CWE-379

NVD-CWE-noinfo