Description
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
Published: 2025-09-22
Score: 7.8 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2025-30460 A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
History

Thu, 25 Sep 2025 18:30:00 +0000

Type Values Removed Values Added
First Time appeared Autodesk 3ds Max
Autodesk advance Steel
Autodesk autocad
Autodesk autocad Architecture
Autodesk autocad Electrical
Autodesk autocad Map 3d
Autodesk autocad Mechanical
Autodesk autocad Mep
Autodesk autocad Plant 3d
Autodesk civil 3d
Autodesk infraworks
Autodesk inventor
Autodesk revit
Autodesk revit Lt
Autodesk vault
CPEs cpe:2.3:a:autodesk:3ds_max:2026:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:advance_steel:2026:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad:2026:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_map_3d:2026:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_mep:2026:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:civil_3d:2026:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:infraworks:2026:-:*:*:*:*:*:*
cpe:2.3:a:autodesk:inventor:2026:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:revit:2026:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:revit_lt:2026:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:shared_components:2026.3:*:*:*:*:*:*:*
cpe:2.3:a:autodesk:vault:2026:*:*:*:*:*:*:*
Vendors & Products Autodesk 3ds Max
Autodesk advance Steel
Autodesk autocad
Autodesk autocad Architecture
Autodesk autocad Electrical
Autodesk autocad Map 3d
Autodesk autocad Mechanical
Autodesk autocad Mep
Autodesk autocad Plant 3d
Autodesk civil 3d
Autodesk infraworks
Autodesk inventor
Autodesk revit
Autodesk revit Lt
Autodesk vault

Mon, 22 Sep 2025 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 22 Sep 2025 19:15:00 +0000

Type Values Removed Values Added
Description A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
Title PRT File Parsing Memory Corruption Vulnerability
First Time appeared Autodesk
Autodesk shared Components
Weaknesses CWE-120
CPEs cpe:2.3:a:autodesk:shared_components:2026.4:*:*:*:*:*:*:*
Vendors & Products Autodesk
Autodesk shared Components
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}

Subscriptions

Autodesk 3ds Max Advance Steel Autocad Autocad Architecture Autocad Electrical Autocad Map 3d Autocad Mechanical Autocad Mep Autocad Plant 3d Civil 3d Infraworks Inventor Revit Revit Lt Shared Components Vault
cve-icon MITRE

Status: PUBLISHED

Assigner: autodesk

Published:

Updated: 2026-02-26T17:48:19.938Z

Reserved: 2025-08-12T15:50:17.780Z

Link: CVE-2025-8892

cve-icon Vulnrichment

Updated: 2025-09-22T20:32:15.097Z

cve-icon NVD

Status : Analyzed

Published: 2025-09-22T19:16:28.063

Modified: 2025-09-25T18:24:00.030

Link: CVE-2025-8892

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses