Privilege Escalation Vulnerability in Autodesk Licensing Installer
CVE-2021-27032

7.8HIGH

Key Information:

Vendor

Autodesk
Status
Autodesk Licensing Installer
Vendor
CVE Published:
28 May 2021

What is CVE-2021-27032?

The Autodesk Licensing Installer is susceptible to privilege escalation, where a malicious user with limited access may exploit weak service permissions. This flaw allows the attacker to identify services with improperly configured permissions that run under elevated privileges. As a result, any user on the system could potentially modify the service configuration and take control over vital services.

Affected Version(s)

Autodesk Licensing Installer 9.0.1.1462.100

References

https://knowledge.autodesk.com/search-result/caas/downloa...
x_refsource_MISC
https://www.autodesk.com/trust/security-advisories/adsk-s...
x_refsource_MISC
https://www.autodesk.com/trust/security-advisories/adsk-s...
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.