CVE-2023-27908

A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk installer when parsing the DLL files and could lead to a Privilege Escalation vulnerability.

Published: Jun 23, 2023
Updated: Jul 4, 2023
CVE: CVE-2023-27908
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-427

Affected Software
References

Software	From	Fixed in
autodesk / installer	1.29.0.90	1.39.0.216

https://www.autodesk.com/trust/security-advisories/adsk-sa-2023-0010

Vulnerability Database

289,871

CVE-2023-27908