First published: Thu Dec 19 2024(Updated: )
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk Navisworks Freedom. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-12179.
Affected Software | Affected Version | How to fix |
---|---|---|
Autodesk Navisworks |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ZDI-24-1707 is a high severity vulnerability allowing remote code execution.
To fix ZDI-24-1707, apply the latest security updates provided by Autodesk for Navisworks Freedom.
Only installations of Autodesk Navisworks Freedom are affected by ZDI-24-1707.
The attack vector for ZDI-24-1707 requires user interaction, such as visiting a malicious page or opening a malicious file.
ZDI-24-1707 is a remote code execution vulnerability.