ГлавнаяУязвимости → CVE-2025-1432
7.8высокая

CVE-2025-1432

Описание

A maliciously crafted 3DM file, when parsed through Autodesk AutoCAD, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

Затрагиваемое ПО
Autodesk AutocadAutodesk Autocad architectureAutodesk Autocad electricalAutodesk Autocad mechanicalAutodesk Autocad mepAutodesk Autocad plant 3dAutodesk Civil 3dAutodesk Advance steelAutodesk Autocad map 3d
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://www.autodesk.com/products/autodesk-access/overviewhttps://www.autodesk.com/support/technical/article/caas/sfdcarticles/sfdcarticles/Where-can-I-download-the-latest-update-of-AutoCAD-AutoCAD-LT-2022.htmlhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0001