Autodesk Installer vulnerabilities

CVE-2025-10885 [HIGH] CWE-250 CVE-2025-10885: A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation to NT AUTHORITY/SYSTEM due to an insufficient validation of loaded binaries. An attacker with local and low-privilege access could exploit this to execute code as SYSTEM.

CVE-2025-5335 [HIGH] CWE-426 CVE-2025-5335: A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHO A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the Autodesk Installer application. Exploitation of this vulnerability may lead to code execution.

CVE-2024-9500 [HIGH] CWE-379 CVE-2024-9500: A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management.

CVE-2023-27908 [HIGH] CWE-427 CVE-2023-27908: A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk in A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk installer when parsing the DLL files and could lead to a Privilege Escalation vulnerability.