FKIE_CVE-2025-1276

Vulnerability from fkie_nvd - Published: 2025-04-15 21:15 - Updated: 2025-08-19 13:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
References
psirt@autodesk.comhttps://www.autodesk.com/products/autodesk-access/overview
psirt@autodesk.comhttps://www.autodesk.com/products/dwg-trueview/overview
psirt@autodesk.comhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004Vendor Advisory
Impacted products
Vendor Product Version
autodesk advance_steel *
autodesk advance_steel *
autodesk advance_steel *
autodesk autocad *
autodesk autocad *
autodesk autocad *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_architecture *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_electrical *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_lt *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_map_3d *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mechanical *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_mep *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk autocad_plant_3d *
autodesk civil_3d *
autodesk civil_3d *
autodesk civil_3d *
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk dwg_trueview *
autodesk infrastructure_parts_editor *
autodesk infrastructure_parts_editor *
autodesk inventor *
autodesk inventor *
autodesk navisworks_manage *
autodesk navisworks_manage *
autodesk navisworks_simulate *
autodesk navisworks_simulate *
autodesk revit *
autodesk revit *
autodesk vault *
autodesk vault *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6635B2E-79F9-4E17-91DE-3147AEAAECD3",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF0503B6-5889-44EA-82BD-8975C69DC4EF",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36B8EE53-5CD1-4CC9-9829-ED06BEB742C8",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "BAA7DE4E-9D9D-4A3C-9813-1ECA420CA55D",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "973B1CE6-8763-42F4-9E43-46CA1C0398FE",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "6DF31D4A-4E66-4425-98C3-3A4172F27634",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C5628D4-B66A-4D97-A079-0288AB4A78D1",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7063D783-E671-421A-99D2-AC6DFAAA298C",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DDEB087-1A78-402D-A50F-64A172B941D3",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D6F5A94-EE54-43B3-955F-7C3615D6E0E0",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC07F09-9A3B-4E9B-9A06-D9AC6DD82535",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F923BEB3-D0A6-4FB8-95CA-4AF1369FAB08",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "3B8C034F-57BD-4F6D-B6F0-904FC1212CBB",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "5A34FC4A-17E3-4F32-AF55-146A3E0A8D73",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "DACE53EA-C06D-4BAD-A47C-2AD7D9BA3FC7",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E920B994-CFAF-4585-BBFB-5BB453BB091A",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A19D6B-8863-4A0C-9422-53EF25653A22",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E858EBC9-08A6-480C-A896-C15A1D89FAF7",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD9F716E-DA62-473B-8057-D5C1ED9A6068",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F24D151E-23F1-4EBF-8949-088F6A95C2F0",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C6BBD42-FFD8-474D-8ABA-A614B5F74508",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "78DB2C5D-9640-45E1-9D5C-12514E9C6C1B",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00A20CE8-64D8-4F4B-9BF8-84A5D691051E",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "939BC44C-8CF2-4BA7-AC06-71B679BDF69A",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "54718FCB-A8EE-4852-B406-0D3A41633A4F",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEC171BB-5A63-4D93-BAB4-E4C0743686C9",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AD85595-32CE-4517-A17F-E3E48114EE6B",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9FC6A58E-5F08-4D92-8640-D21C24A34B85",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "84402AA2-842C-4F45-BEEE-01B4399F8A2D",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2E4D88D-B3B5-42A9-B3B6-E95BDCC1E805",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB3814C7-89F1-4769-A667-8A941FECFECA",
              "versionEndExcluding": "2023.1.7",
              "versionStartIncluding": "2023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5615AA3-02AB-41E6-B207-C8E2BF14381B",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:dwg_trueview:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "68D32CA8-DAE5-454E-9611-6DC7D39936B6",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9ACA58FE-046E-47D0-B091-58725ABC1D5E",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "06EEA81D-D2D2-4553-8B50-7CF851D2F451",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA2D3721-3DFB-4BF2-AB50-F7FB5D582DFB",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "33271DFE-EA9E-470B-889C-920D7CC014D9",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks_manage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C24857A-342D-4B37-89D7-BAD0C71D58F1",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks_manage:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E3B7FDC4-BEC1-4F90-A112-6960176F6748",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks_simulate:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28734A5D-CAEB-4F94-9892-DA3F45E3DA41",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:navisworks_simulate:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B72D634-D894-406F-81F0-2421BA22FFAD",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "328F43A7-346C-4C9D-8153-74497327D053",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C38D944-8471-47A0-AFAC-ECA76CB58E57",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C6486EE-BCC7-469A-B5B7-B9950B1DEF67",
              "versionEndExcluding": "2024.1.7",
              "versionStartIncluding": "2024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:autodesk:vault:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "611BC4BF-41BF-46D9-ADB2-92B6CBAB9FBE",
              "versionEndExcluding": "2025.1.2",
              "versionStartIncluding": "2025",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process."
    },
    {
      "lang": "es",
      "value": "Un archivo DWG manipulado con fines maliciosos, al analizarse mediante ciertas aplicaciones de Autodesk, puede forzar una vulnerabilidad de escritura fuera de los l\u00edmites. Un agente malicioso podr\u00eda aprovechar esta vulnerabilidad para provocar un bloqueo, da\u00f1ar datos o ejecutar c\u00f3digo arbitrario en el contexto del proceso actual."
    }
  ],
  "id": "CVE-2025-1276",
  "lastModified": "2025-08-19T13:15:39.800",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "psirt@autodesk.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-04-15T21:15:47.320",
  "references": [
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/autodesk-access/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "url": "https://www.autodesk.com/products/dwg-trueview/overview"
    },
    {
      "source": "psirt@autodesk.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0004"
    }
  ],
  "sourceIdentifier": "psirt@autodesk.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "psirt@autodesk.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.