Unintended Sphere of Control: Privilege Escalation and Arbitrary Code Execution in Autodesk Desktop App

Unintended Sphere of Control: Privilege Escalation and Arbitrary Code Execution in Autodesk Desktop App

CVE-2022-33882 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Under certain conditions, an attacker could create an unintended sphere of control through a vulnerability present in file delete operation in Autodesk desktop app (ADA). An attacker could leverage this vulnerability to escalate privileges and execute arbitrary code.

Learn more about our Cis Benchmark Audit For Desktop Software.