Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-4605

A maliciously crafted .usdc file, when loaded through Autodesk Maya, can force an uncontrolled memory allocation vulnerability. A malicious actor may leverage this vulnerability to cause a denial-of-service (DoS), or cause data corruption.

Published

2025-06-11T14:15:36.847

Last Modified

2025-08-19T14:15:39.160

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.6 (MEDIUM)

Weaknesses

Type: Secondary
CWE-789
Type: Primary
CWE-770

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	autodesk	maya	< 2025.3.1	Yes
Application	autodesk	universal_scene_description	0.10	Yes
Application	autodesk	universal_scene_description	0.31.0	Yes

References

https://github.com/Autodesk/3dsmax-usd ([email protected])
https://github.com/Autodesk/maya-usd ([email protected])
https://www.autodesk.com/products/autodesk-access/overview ([email protected])
https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0011 Vendor Advisory ([email protected])