CVE-2020-7079

Name of the Vulnerable Software and Affected Versions: Autodesk Dynamo BIM versions 2.5.0 through 2.5.1

Description: The issue is related to improper signature validation and path checking errors for loaded dynamic libraries in the Dynamo BIM graphical programming add-on. This could allow an attacker to execute arbitrary code through maliciously crafted DLL files.

Recommendations: For Autodesk Dynamo BIM versions 2.5.0 and 2.5.1, consider restricting the loading of external DLL files until a patch is available. As a temporary workaround, avoid using potentially malicious DLL files with the affected software until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.