Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
6DescriptionCVE.org
A maliciously crafted binary file when downloaded could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to an untrusted search path being utilized in the Autodesk Installer application. Exploitation of this vulnerability may lead to code execution.
AnalysisAI
Privilege escalation vulnerability in Autodesk Installer applications where a maliciously crafted binary file exploits an untrusted search path to achieve NT AUTHORITY/SYSTEM level code execution. The vulnerability requires local user interaction (file download) but no privileges, making it a significant risk for Windows environments running Autodesk products. While CVSS 7.8 indicates high severity, the local attack vector and required user interaction limit the attack surface compared to remote exploits.
Technical ContextAI
This vulnerability stems from CWE-426 (Untrusted Search Path), a well-known class of privilege escalation flaws where applications search for dependencies or binaries in directories that an unprivileged attacker can modify. The Autodesk Installer application fails to validate the integrity or source of binary files during the installation or update process, allowing an attacker to place a malicious binary in a predictable search path (typically %PATH%, current directory, or application-specific directories). When the installer executes and searches for required binaries or libraries without absolute path validation or signature verification, it loads the attacker-controlled malicious binary instead of the legitimate one, executing arbitrary code with the elevated privileges (NT AUTHORITY/SYSTEM) that the installer process runs under. This is a classic DLL hijacking or path injection attack pattern common in Windows software.
RemediationAI
- Immediate: Autodesk should release patched installer versions that implement trusted search path validation (absolute paths), digital signature verification for loaded binaries, and manifest-based dependency loading. 2. For End Users: Update Autodesk applications and installers to the latest patched versions from Autodesk's official website or subscription portal. 3. Workarounds (pending patches): (a) Disable or remove write permissions on directories in the installer's search path for unprivileged users, (b) Run installers from isolated or read-only network shares where possible, (c) Use AppLocker or Code Integrity policies to whitelist only legitimate Autodesk binaries, (d) Educate users not to download installer executables from untrusted sources. 4. Configuration: Ensure installers run with minimal required privileges; disable auto-update features from untrusted sources. Patch references and vendor advisories should be sourced from Autodesk's official security bulletins (typically security.autodesk.com) once published.
Improper Restriction of Excessive Authentication Attempts in GitHub repository modoboa/modoboa-installer prior to 2.0.4.
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer c
A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk installer when parsing
A maliciously crafted file, when executed on the victim's machine, can lead to privilege escalation to NT AUTHORITY/SYST
Same weakness CWE-426 – Untrusted Search Path
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-17690