CVE-2024-7995
published 2024-11-05CVE-2024-7995: A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the VRED Design application. Exploitation of this vulnerability may lead to code execution.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| autodesk | vred | >= 2025 < 2025.2 | 2025.2 |
| autodesk | vred_design | >= 2025 < 2025.2 | 2025.2 |