Vulnerability Description
Autodesk Licensing Installer was found to be vulnerable to privilege escalation issues. A malicious user with limited privileges could run any number of tools on a system to identify services that are configured with weak permissions and are running under elevated privileges. These weak permissions could allow all users on the operating system to modify the service configuration and take ownership of the service.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Autodesk | Licensing Services | 9.0.1.1462.100 |
Related Weaknesses (CWE)
References
- https://knowledge.autodesk.com/search-result/caas/downloads/content/autodesk-licProductVendor Advisory
- https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0002Vendor Advisory
- https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0002%3B
- https://knowledge.autodesk.com/search-result/caas/downloads/content/autodesk-licProductVendor Advisory
- https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0002Vendor Advisory
- https://www.autodesk.com/trust/security-advisories/adsk-sa-2021-0002%3B
FAQ
What is CVE-2021-27032?
CVE-2021-27032 is a vulnerability with a CVSS score of 7.8 (HIGH). Autodesk Licensing Installer was found to be vulnerable to privilege escalation issues. A malicious user with limited privileges could run any number of tools on a system to identify services that are...
How severe is CVE-2021-27032?
CVE-2021-27032 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-27032?
Check the references section above for vendor advisories and patch information. Affected products include: Autodesk Licensing Services.