A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Autodesk |
|
Configuration 1 [-]
| AND |
|
No data.
References
History
Thu, 25 Sep 2025 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Autodesk 3ds Max
Autodesk advance Steel Autodesk autocad Autodesk autocad Architecture Autodesk autocad Electrical Autodesk autocad Map 3d Autodesk autocad Mechanical Autodesk autocad Mep Autodesk autocad Plant 3d Autodesk civil 3d Autodesk infraworks Autodesk inventor Autodesk revit Autodesk revit Lt Autodesk vault |
|
| CPEs | cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:* cpe:2.3:a:autodesk:advance_steel:2026:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:2026:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:2026:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:* cpe:2.3:a:autodesk:civil_3d:2026:*:*:*:*:*:*:* cpe:2.3:a:autodesk:infraworks:2026:-:*:*:*:*:*:* cpe:2.3:a:autodesk:inventor:2026:*:*:*:*:*:*:* cpe:2.3:a:autodesk:revit:2026:*:*:*:*:*:*:* cpe:2.3:a:autodesk:revit_lt:2026:*:*:*:*:*:*:* cpe:2.3:a:autodesk:shared_components:2026.3:*:*:*:*:*:*:* cpe:2.3:a:autodesk:vault:2026:*:*:*:*:*:*:* |
|
| Vendors & Products |
Autodesk 3ds Max
Autodesk advance Steel Autodesk autocad Autodesk autocad Architecture Autodesk autocad Electrical Autodesk autocad Map 3d Autodesk autocad Mechanical Autodesk autocad Mep Autodesk autocad Plant 3d Autodesk civil 3d Autodesk infraworks Autodesk inventor Autodesk revit Autodesk revit Lt Autodesk vault |
Mon, 22 Sep 2025 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 22 Sep 2025 19:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |
| Title | PRT File Parsing Memory Corruption Vulnerability | |
| First Time appeared |
Autodesk
Autodesk shared Components |
|
| Weaknesses | CWE-120 | |
| CPEs | cpe:2.3:a:autodesk:shared_components:2026.4:*:*:*:*:*:*:* | |
| Vendors & Products |
Autodesk
Autodesk shared Components |
|
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: autodesk
Published: 2025-09-22T19:01:28.720Z
Updated: 2025-09-23T03:55:40.308Z
Reserved: 2025-08-12T15:50:17.780Z
Link: CVE-2025-8892
Vulnrichment
Updated: 2025-09-22T20:32:15.097Z
NVD
Status : Analyzed
Published: 2025-09-22T19:16:28.063
Modified: 2025-09-25T18:24:00.030
Link: CVE-2025-8892
Redhat
No data.