Autodesk ID: ADSK-SA-2025-0022 Product: Autodesk Installer Impact: Privilege Escalation Severity: High Original Publish Date: 11/06/2025 Last Revised Date: 11/06/2025 Summary: The vulnerability can lead to code execution, requiring user interaction. Vulnerability Details: - CVE-2025-10885: A malicious file can cause privilege escalation to NT AUTHORITY\\SYSTEM due to insufficient binary validation, enabling SYSTEM-level code execution by a local, low-privilege attacker. Affected Products Versions: - Affected: 2.18 or earlier - Mitigated: 2.19 or later Recommendations: Install the latest versions via Autodesk Installer and open only trusted files. Acknowledgements: - Masahiro Iida (LAC Co.) reported CVE-2025-10885 to Autodesk. Revision History: - Version 1.0: Initial release on 11/06/2025.