CVE-2024-9500

Name of the Vulnerable Software and Affected Versions Autodesk Installer version 2.10.0.17

Description A maliciously crafted DLL file, when placed in temporary files and folders used by the Autodesk Installer, could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management. This issue is related to DLL hijacking and weak privilege management.

Recommendations For Autodesk Installer version 2.10.0.17, update to a patched version immediately to resolve the issue. Additionally, review access controls to minimize the risk of exploitation. As a temporary workaround, consider restricting access to temporary files and folders used by the Autodesk Installer to prevent malicious DLL files from being executed.