CVE-2019-7365

HIGH

Autodesk Desktop App <7.0.16.29 - Code Injection

Title source: llm

Description

DLL preloading vulnerability in Autodesk Desktop Application versions 7.0.16.29 and earlier. An attacker may trick a user into downloading a malicious DLL file into the working directory, which may then leverage a DLL preloading vulnerability and execute code on the system.

References (1)

[Vendor Advisory] https://www.autodesk.com/trust/security-advisories/adsk-sa-2019-0004

Scores

CVSS v3 7.8

EPSS 0.0007

EPSS Percentile 20.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427

Status published

Affected Products (1)

autodesk/autodesk_desktop < 7.0.16.29

Timeline

Published Dec 03, 2019

Tracked Since Feb 18, 2026