- Description
- A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized.
- Source
- psirt@autodesk.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- psirt@autodesk.com
- CWE-426
- Hype score
- Not currently trending
CVE-2024-11454 A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the c… https://t.co/5KLQgMcV7s
@CVEnew
10 Dec 2024
171 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11454 Untrusted Search Path Leads to Arbitrary Code Execution in Autodesk Revit A dangerous DLL file can be placed in the same folder as an RVT file. If this happens, Autodesk Revit might load it. This c... https://t.co/KdXZ3T4IMw
@VulmonFeeds
10 Dec 2024
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes