CVE-2010-5241

Autodesk AutoCAD 2010 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-5241. PoCs published by xsploited security.

AI-analyzed exploit summary This exploit demonstrates DLL hijacking in Autocad 2007 by replacing the legitimate 'color.dll' with a malicious DLL that executes 'calc.exe' upon loading. The DllMain function triggers the payload when the DLL is loaded by the application.

Description

Multiple untrusted search path vulnerabilities in Autodesk AutoCAD 2010 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) IBFS32.DLL file in the current working directory, as demonstrated by a directory that contains a .dwg file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by xsploited security · clocalwindows

https://www.exploit-db.com/exploits/14793

View Code ZIP pw:eip

This exploit demonstrates DLL hijacking in Autocad 2007 by replacing the legitimate 'color.dll' with a malicious DLL that executes 'calc.exe' upon loading. The DllMain function triggers the payload when the DLL is loaded by the application.

Classification

Working Poc 100%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Autocad 2007 Professional

No auth needed

Prerequisites: Access to replace 'color.dll' in the Autocad directory · Victim must launch Autocad 2007

MITRE ATT&CK

T1574.001 - DLL

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/41156

Scores

EPSS 0.0083

EPSS Percentile 52.5%

Details

Status published

Products (1)

autodesk/autocad 2010

Published Sep 07, 2012

Tracked Since Feb 18, 2026