Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for navisworks_simulate by autodesk

    CVE-2025-5039 (GCVE-0-2025-5039)

    Vulnerability from nvd – Published: 2025-07-24 17:11 – Updated: 2026-05-28 19:50
    VLAI
    Title
    Privilege Ecalation due to Untrusted Search Path Vulnerability
    Summary
    A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.
    Severity
    7.8 (High)
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Autodesk AutoCAD Affected: 2026 , < 2026.1 (custom)
        cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD LT Affected: 2026 , < 2026.1 (custom)
        cpe:2.3:a:autodesk:autocad_lt:2026:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk RealDWG Affected: 2026 , < 2026.0.2 (custom)
        cpe:2.3:a:autodesk:realdwg:2026:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk 3ds Max Affected: 2027 , < 2027.1 (custom)
    Affected: 2026 , < 2026.3.3 (custom)
        cpe:2.3:a:autodesk:3ds_max:2027:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Show details on NVD website
    To clipboard 

    {
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5039",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-25T03:55:31.845753Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:50:15.076Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.0.2",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:3ds_max:2027:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "3ds Max",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2027.1",
              "status": "affected",
              "version": "2027",
              "versionType": "custom"
            },
            {
              "lessThan": "2026.3.3",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-38",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-38 Leveraging/Manipulating Configuration File Search Paths"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426 Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-28T19:50:20.274Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Privilege Ecalation due to Untrusted Search Path Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-5039",
    "datePublished": "2025-07-24T17:11:14.714Z",
    "dateReserved": "2025-05-21T13:00:59.147Z",
    "dateUpdated": "2026-05-28T19:50:20.274Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

    CVE-2025-1276 (GCVE-0-2025-1276)

    Vulnerability from nvd – Published: 2025-04-15 20:55 – Updated: 2026-02-26 18:28
    VLAI
    Title
    DWG File Parsing Out-of-Bounds Write Vulnerability
    Summary
    A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
    Severity
    7.8 (High)
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Autodesk AutoCAD Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD Architecture Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD Electrical Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD MAP 3D Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD Mechanical Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD MEP Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD Plant 3D Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk Advance Steel Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD LT Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk RealDWG Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
        cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk DWG TrueView Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Show details on NVD website
    To clipboard 

    {
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1276",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-18T03:55:46.650494Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T18:28:17.781Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-Bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-07T20:54:16.150Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/dwg-trueview/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "DWG File Parsing Out-of-Bounds Write Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-1276",
    "datePublished": "2025-04-15T20:55:04.255Z",
    "dateReserved": "2025-02-13T15:16:31.469Z",
    "dateUpdated": "2026-02-26T18:28:17.781Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

    CVE-2025-5039 (GCVE-0-2025-5039)

    Vulnerability from cvelistv5 – Published: 2025-07-24 17:11 – Updated: 2026-05-28 19:50
    VLAI
    Title
    Privilege Ecalation due to Untrusted Search Path Vulnerability
    Summary
    A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.
    Severity
    7.8 (High)
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Autodesk AutoCAD Affected: 2026 , < 2026.1 (custom)
        cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD LT Affected: 2026 , < 2026.1 (custom)
        cpe:2.3:a:autodesk:autocad_lt:2026:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk RealDWG Affected: 2026 , < 2026.0.2 (custom)
        cpe:2.3:a:autodesk:realdwg:2026:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk 3ds Max Affected: 2027 , < 2027.1 (custom)
    Affected: 2026 , < 2026.3.3 (custom)
        cpe:2.3:a:autodesk:3ds_max:2027:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Show details on NVD website
    To clipboard 

    {
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5039",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-25T03:55:31.845753Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:50:15.076Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.1",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2026.0.2",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:3ds_max:2027:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "3ds Max",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2027.1",
              "status": "affected",
              "version": "2027",
              "versionType": "custom"
            },
            {
              "lessThan": "2026.3.3",
              "status": "affected",
              "version": "2026",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-38",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-38 Leveraging/Manipulating Configuration File Search Paths"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426 Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-28T19:50:20.274Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Privilege Ecalation due to Untrusted Search Path Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-5039",
    "datePublished": "2025-07-24T17:11:14.714Z",
    "dateReserved": "2025-05-21T13:00:59.147Z",
    "dateUpdated": "2026-05-28T19:50:20.274Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

    CVE-2025-1276 (GCVE-0-2025-1276)

    Vulnerability from cvelistv5 – Published: 2025-04-15 20:55 – Updated: 2026-02-26 18:28
    VLAI
    Title
    DWG File Parsing Out-of-Bounds Write Vulnerability
    Summary
    A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
    Severity
    7.8 (High)
    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    Autodesk AutoCAD Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD Architecture Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD Electrical Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD MAP 3D Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD Mechanical Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD MEP Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD Plant 3D Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk Advance Steel Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk AutoCAD LT Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk RealDWG Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
        cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Autodesk DWG TrueView Affected: 2025 , < 2025.1.2 (custom)
    Affected: 2024 , < 2024.1.7 (custom)
    Affected: 2023 , < 2023.1.7 (custom)
        cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*
        cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*
    		 Create a notification for this product.
    Show details on NVD website
    To clipboard 

    {
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1276",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-18T03:55:46.650494Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T18:28:17.781Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_architecture:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_architecture:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Architecture",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_electrical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_electrical:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Electrical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_map_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_map_3d:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MAP 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mechanical:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mechanical:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Mechanical",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_mep:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_mep:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD MEP",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_plant_3d:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_plant_3d:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD Plant 3D",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:advance_steel:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:advance_steel:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Advance Steel",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:autocad_lt:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:autocad_lt:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "AutoCAD LT",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:realdwg:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:realdwg:2024:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "RealDWG",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:autodesk:dwg_trueview:2025:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2024:*:*:*:*:*:*:*",
            "cpe:2.3:a:autodesk:dwg_trueview:2023:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "DWG TrueView",
          "vendor": "Autodesk",
          "versions": [
            {
              "lessThan": "2025.1.2",
              "status": "affected",
              "version": "2025",
              "versionType": "custom"
            },
            {
              "lessThan": "2024.1.7",
              "status": "affected",
              "version": "2024",
              "versionType": "custom"
            },
            {
              "lessThan": "2023.1.7",
              "status": "affected",
              "version": "2023",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.\u003cbr\u003e"
            }
          ],
          "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-100",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-100 Overflow Buffers"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-Bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-07T20:54:16.150Z",
        "orgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
        "shortName": "autodesk"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/autodesk-access/overview"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://www.autodesk.com/products/dwg-trueview/overview"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "DWG File Parsing Out-of-Bounds Write Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7e40ea87-bc65-4944-9723-dd79dd760601",
    "assignerShortName": "autodesk",
    "cveId": "CVE-2025-1276",
    "datePublished": "2025-04-15T20:55:04.255Z",
    "dateReserved": "2025-02-13T15:16:31.469Z",
    "dateUpdated": "2026-02-26T18:28:17.781Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}