Autodesk Realdwg vulnerabilities

CVE-2025-5039 [HIGH] CWE-426 CVE-2025-5039: A maliciously crafted binary file, when present while loading files in certain Autodesk applications A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.

CVE-2025-1276 [HIGH] CWE-787 CVE-2025-1276: A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out- A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CVE-2024-9997 [HIGH] CWE-120 CVE-2024-9997: A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-9489 [HIGH] CWE-119 CVE-2024-9489: A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory C A maliciously crafted DWG file when parsed in ACAD.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-7992 [HIGH] CWE-121 CVE-2024-7992: A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based produ A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a Stack-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVE-2024-9996 [HIGH] CWE-787 CVE-2024-9996: A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out A maliciously crafted DWG file, when parsed in acdb25.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CVE-2024-7991 [HIGH] CWE-787 CVE-2024-7991: A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based produ A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

CVE-2024-8896 [HIGH] CWE-908 CVE-2024-8896: A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to acces A maliciously crafted DXF file when parsed in acdb25.dll through Autodesk AutoCAD can force to access a variable prior to initialization. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process.