CVE-2023-27908
First published: Fri Jun 23 2023(Updated: )
A maliciously crafted DLL file can be forced to write beyond allocated boundaries in the Autodesk installer when parsing the DLL files and could lead to a Privilege Escalation vulnerability.
Credit: psirt@autodesk.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Autodesk Installer | >=1.29.0.90<1.39.0.216 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this security issue?
The vulnerability ID of this security issue is CVE-2023-27908.
What is the severity of CVE-2023-27908?
The severity of CVE-2023-27908 is high, with a severity value of 7.8.
Which software is affected by CVE-2023-27908?
The Autodesk installer software versions between 1.29.0.90 and 1.39.0.216 are affected by CVE-2023-27908.
What is the risk associated with CVE-2023-27908?
CVE-2023-27908 poses a Privilege Escalation vulnerability, allowing an attacker to gain elevated privileges.
How can I mitigate the impact of CVE-2023-27908?
To mitigate the impact of CVE-2023-27908, it is recommended to update the Autodesk installer software to a version that includes the necessary security patches.
- agent/type
- agent/softwarecombine
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/autodesk
- canonical/autodesk installer
- version/autodesk installer/1.29.0.90