fkie_cve-2025-1276
Vulnerability from fkie_nvd
Published
2025-04-15 21:15
Modified
2025-08-19 13:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
psirt@autodesk.comhttps://www.autodesk.com/products/autodesk-access/overview
psirt@autodesk.comhttps://www.autodesk.com/products/dwg-trueview/overview
psirt@autodesk.comhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004Vendor Advisory
Impacted products
Vendor Product Version
autodesk advance_steel *
autodesk advance_steel *
autodesk advance_steel *
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk civil_3d *
autodesk civil_3d *
autodesk civil_3d *
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk infrastructure_parts_editor *
autodesk infrastructure_parts_editor *
autodesk inventor *
autodesk inventor *
autodesk navisworks_manage *
autodesk navisworks_manage *
autodesk navisworks_simulate *
autodesk navisworks_simulate *
autodesk revit *
autodesk revit *
autodesk vault *
autodesk vault *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6635B2E-79F9-4E17-91DE-3147AEAAECD3",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF0503B6-5889-44EA-82BD-8975C69DC4EF",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B8EE53-5CD1-4CC9-9829-ED06BEB742C8",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "BAA7DE4E-9D9D-4A3C-9813-1ECA420CA55D",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "973B1CE6-8763-42F4-9E43-46CA1C0398FE",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "6DF31D4A-4E66-4425-98C3-3A4172F27634",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C5628D4-B66A-4D97-A079-0288AB4A78D1",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7063D783-E671-421A-99D2-AC6DFAAA298C",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DDEB087-1A78-402D-A50F-64A172B941D3",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D6F5A94-EE54-43B3-955F-7C3615D6E0E0",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC07F09-9A3B-4E9B-9A06-D9AC6DD82535",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F923BEB3-D0A6-4FB8-95CA-4AF1369FAB08",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "3B8C034F-57BD-4F6D-B6F0-904FC1212CBB",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "5A34FC4A-17E3-4F32-AF55-146A3E0A8D73",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "DACE53EA-C06D-4BAD-A47C-2AD7D9BA3FC7",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E920B994-CFAF-4585-BBFB-5BB453BB091A",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A19D6B-8863-4A0C-9422-53EF25653A22",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E858EBC9-08A6-480C-A896-C15A1D89FAF7",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD9F716E-DA62-473B-8057-D5C1ED9A6068",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F24D151E-23F1-4EBF-8949-088F6A95C2F0",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C6BBD42-FFD8-474D-8ABA-A614B5F74508",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "78DB2C5D-9640-45E1-9D5C-12514E9C6C1B",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00A20CE8-64D8-4F4B-9BF8-84A5D691051E",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "939BC44C-8CF2-4BA7-AC06-71B679BDF69A",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54718FCB-A8EE-4852-B406-0D3A41633A4F",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC171BB-5A63-4D93-BAB4-E4C0743686C9",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AD85595-32CE-4517-A17F-E3E48114EE6B",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FC6A58E-5F08-4D92-8640-D21C24A34B85",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84402AA2-842C-4F45-BEEE-01B4399F8A2D",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2E4D88D-B3B5-42A9-B3B6-E95BDCC1E805",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB3814C7-89F1-4769-A667-8A941FECFECA",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5615AA3-02AB-41E6-B207-C8E2BF14381B",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68D32CA8-DAE5-454E-9611-6DC7D39936B6",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ACA58FE-046E-47D0-B091-58725ABC1D5E",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06EEA81D-D2D2-4553-8B50-7CF851D2F451",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2D3721-3DFB-4BF2-AB50-F7FB5D582DFB",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33271DFE-EA9E-470B-889C-920D7CC014D9",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks_manage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C24857A-342D-4B37-89D7-BAD0C71D58F1",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks_manage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B7FDC4-BEC1-4F90-A112-6960176F6748",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks_simulate:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28734A5D-CAEB-4F94-9892-DA3F45E3DA41",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks_simulate:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B72D634-D894-406F-81F0-2421BA22FFAD",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "328F43A7-346C-4C9D-8153-74497327D053",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C38D944-8471-47A0-AFAC-ECA76CB58E57",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C6486EE-BCC7-469A-B5B7-B9950B1DEF67",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "611BC4BF-41BF-46D9-ADB2-92B6CBAB9FBE",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
    },
    {
      "lang": "es",
      "value": "Un archivo DWG manipulado con fines maliciosos, al analizarse mediante ciertas aplicaciones de Autodesk, puede forzar una vulnerabilidad de escritura fuera de los l\u00edmites. Un agente malicioso podr\u00eda aprovechar esta vulnerabilidad para provocar un bloqueo, da\u00f1ar datos o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
    }
  ],
  "id": "CVE-2025-1276",
  "lastModified": "2025-08-19T13:15:39.800",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@autodesk.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-04-15T21:15:47.320",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/autodesk-access/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/dwg-trueview/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@autodesk.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.