CVE-2025-10885
published 2025-11-06CVE-2025-10885: A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient validation of…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient validation of loaded binaries. An attacker with local and low-privilege access could exploit this to execute code as SYSTEM.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| autodesk | installer | < 2.19 | 2.19 |
| autodesk | installer | >= 2.18 < 2.19 | 2.19 |