CVE-2025-8894: A maliciously crafted PDF file, when parsed through certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage…

high7.8CVSS 3.1

AVLACLPRNUIRSUCHIHAH

A maliciously crafted PDF file, when parsed through certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

Affected

46 ranges· showing 25

Vendor	Product	Version range	Fixed in
autodesk	advance_steel	>= 2023 < 2023.1.8	2023.1.8
autodesk	advance_steel	>= 2024 < 2024.1.8	2024.1.8
autodesk	advance_steel	>= 2025 < 2025.1.3	2025.1.3
autodesk	advance_steel	>= 2026 < 2026.1	2026.1
autodesk	autocad	>= 2023 < 2023.1.8	2023.1.8
autodesk	autocad	>= 2024 < 2024.1.8	2024.1.8
autodesk	autocad	>= 2025 < 2025.1.3	2025.1.3
autodesk	autocad	>= 2026 < 2026.1	2026.1
autodesk	autocad_architecture	>= 2023 < 2023.1.8	2023.1.8
autodesk	autocad_architecture	>= 2024 < 2024.1.8	2024.1.8
autodesk	autocad_architecture	>= 2025 < 2025.1.3	2025.1.3
autodesk	autocad_architecture	>= 2026 < 2026.1	2026.1
autodesk	autocad_electrical	>= 2023 < 2023.1.8	2023.1.8
autodesk	autocad_electrical	>= 2024 < 2024.1.8	2024.1.8
autodesk	autocad_electrical	>= 2025 < 2025.1.3	2025.1.3
autodesk	autocad_electrical	>= 2026 < 2026.1	2026.1
autodesk	autocad_lt	>= 2023 < 2023.1.8	2023.1.8
autodesk	autocad_lt	>= 2024 < 2024.1.8	2024.1.8
autodesk	autocad_lt	>= 2025 < 2025.1.3	2025.1.3
autodesk	autocad_lt	>= 2026 < 2026.1	2026.1
autodesk	autocad_map_3d	>= 2023 < 2023.1.8	2023.1.8
autodesk	autocad_map_3d	>= 2024 < 2024.1.8	2024.1.8
autodesk	autocad_map_3d	>= 2025 < 2025.1.3	2025.1.3
autodesk	autocad_map_3d	>= 2026 < 2026.1	2026.1
autodesk	autocad_mechanical	>= 2023 < 2023.1.8	2023.1.8