ГлавнаяУязвимости → CVE-2025-1275
7.8высокая

CVE-2025-1275

Описание

A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

Затрагиваемое ПО
Autodesk Autocad mechanicalAutodesk Autocad mepAutodesk Autocad plant 3dAutodesk Civil 3dAutodesk Advance steelAutodesk Autocad map 3dAutodesk Autocad ltAutodesk Dwg trueviewAutodesk RevitAutodesk AutocadAutodesk Autocad architectureAutodesk Autocad electrical
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://www.autodesk.com/products/autodesk-access/overviewhttps://www.autodesk.com/products/dwg-trueview/overviewhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0006