7.8
CVE-2020-7079
- EPSS 0.13%
- Veröffentlicht 17.04.2020 18:15:11
- Zuletzt bearbeitet 21.11.2024 05:36:37
- Quelle psirt@autodesk.com
- CVE-Watchlists
- Unerledigt
LoginAn improper signature validation vulnerability in Autodesk Dynamo BIM versions 2.5.1 and 2.5.0 may lead to code execution through maliciously crafted DLL files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Autodesk ≫ Dynamo Bim Version2.5.0
Autodesk ≫ Dynamo Bim Version2.5.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.333 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 4.4 | 3.4 | 6.4 |
AV:L/AC:M/Au:N/C:P/I:P/A:P
|
CWE-426 Untrusted Search Path
The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.