An attacker could leverage an API to pass along a malicious file that could then manipulate the process creation command line in MDT AutoSave versions prior to v6.02.06 and run a command line argument. This could then be leveraged to run a malicious process.
CPE | Name | Operator | Version |
---|---|---|---|
autosave | lt | 6.02.06 | |
autosave | ge | 7.00 | |
autosave | le | 7.04 | |
autosave_for_system_platform | lt | 4.01 | |
autosave_for_system_platform | eq | 5.00 |