ГлавнаяУязвимости → CVE-2025-1276
7.8высокая

CVE-2025-1276

Описание

A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

Затрагиваемое ПО
Autodesk Advance steelAutodesk AutocadAutodesk Autocad architectureAutodesk Autocad electricalAutodesk Autocad ltAutodesk Autocad map 3dAutodesk Autocad mechanicalAutodesk Autocad mepAutodesk Autocad plant 3dAutodesk Civil 3dAutodesk Dwg trueviewAutodesk Infrastructure parts editorAutodesk InventorAutodesk Navisworks manageAutodesk Navisworks simulateAutodesk RevitAutodesk Vault
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://www.autodesk.com/products/autodesk-access/overviewhttps://www.autodesk.com/products/dwg-trueview/overviewhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004