A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
Metrics
Affected Vendors & Products
References
History
Tue, 26 Aug 2025 17:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Tue, 26 Aug 2025 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:autodesk:revit:2023:*:*:*:*:*:*:* cpe:2.3:a:autodesk:revit:2024:*:*:*:*:*:*:* |
|
References |
|
Wed, 07 May 2025 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-787 | |
CPEs | cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:* |
Mon, 09 Dec 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Autodesk
Autodesk revit |
|
CPEs | cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:* | |
Vendors & Products |
Autodesk
Autodesk revit |
|
Metrics |
ssvc
|
Mon, 09 Dec 2024 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |
Weaknesses | CWE-122 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: autodesk
Published:
Updated: 2025-08-28T14:38:16.647Z
Reserved: 2024-11-21T20:20:48.343Z
Link: CVE-2024-11608

Updated: 2024-12-09T18:04:31.760Z

Status : Modified
Published: 2024-12-09T18:15:22.580
Modified: 2025-08-26T17:15:34.730
Link: CVE-2024-11608

No data.

No data.