Autodesk Autocad Architecture vulnerabilities

CVE-2025-8894 [HIGH] CWE-122 CVE-2025-8894: A maliciously crafted PDF file, when parsed through certain Autodesk products, can force a Heap-Base A maliciously crafted PDF file, when parsed through certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-8893 [HIGH] CWE-787 CVE-2025-8893: A maliciously crafted PDF file, when parsed through certain Autodesk products, can force an Out-of-B A maliciously crafted PDF file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CVE-2025-5047 [HIGH] CWE-457 CVE-2025-5047: A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, can force an Uninitialized Var A maliciously crafted DGN file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-5046 [HIGH] CWE-125 CVE-2025-5046: A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-B A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-5048 [HIGH] CWE-120 CVE-2025-5048: A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force a Memory Co A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

CVE-2025-1656 [HIGH] CWE-122 CVE-2025-1656: A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-1277 [HIGH] CWE-120 CVE-2025-1277: A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corrup A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

CVE-2025-1276 [HIGH] CWE-787 CVE-2025-1276: A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out- A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CVE-2025-1274 [HIGH] CWE-787 CVE-2025-1274: A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CVE-2025-1273 [HIGH] CWE-122 CVE-2025-1273: A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-1275 [HIGH] CWE-122 CVE-2025-1275: A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can forc A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-1428 [HIGH] CWE-125 CVE-2025-1428: A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-1427 [HIGH] CWE-457 CVE-2025-1427: A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitiali A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-1649 [HIGH] CWE-457 CVE-2025-1649: A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitiali A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-1652 [HIGH] CWE-125 CVE-2025-1652: A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds R A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-1650 [HIGH] CWE-457 CVE-2025-1650: A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitiali A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-1429 [HIGH] CWE-122 CVE-2025-1429: A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overf A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-1651 [HIGH] CWE-122 CVE-2025-1651: A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overf A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2025-1430 [HIGH] CWE-120 CVE-2025-1430: A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory Corrupti A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

CVE-2025-1431 [HIGH] CWE-125 CVE-2025-1431: A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.