CVE-2024-9500

Published Nov 15, 2024

Last updated 2 days ago

CVSS high 7.2

Overview

Description
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management.
Source
psirt@autodesk.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.2
Impact score
5.8
Exploitability score
0.8
Vector string
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
Severity
HIGH

Weaknesses

psirt@autodesk.com
CWE-269

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

1

  1. CVE-2024-9500 Privilege Escalation in Autodesk Installer via DLL Hijacking A dangerous DLL file could be put in temporary files and folders used by the Autodesk Installer. Because of weak privilege management, th... https://t.co/pQPGUyCnp2

    @VulmonFeeds

    16 Nov 2024

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References