CVE-2024-11454
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Dec 9, 2024
CWE ID 426
Summary
CVE-2024-11454 is a newly disclosed vulnerability affecting Autodesk Revit. Malicious DLL files placed in the same directory as an RVT file can be loaded by the software, executing arbitrary code within the current process due to an untrusted search path utilized by Autodesk Revit. This issue poses a significant risk, as attackers could exploit it to gain unauthorized access, install malware, or disrupt operations. Users are advised to update their Autodesk Revit installation as soon as a patch is available to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Autodesk Revit
Affected Vendors
- Autodesk