A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
2025-11-07T18:15:37.647
2025-11-19T14:45:56.280
Analyzed
CVSSv3.1: 7.8 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | autodesk | shared_components | 2026.3 | Yes |
| Application | autodesk | 3ds_max | 2026 | No |
| Application | autodesk | advance_steel | 2026 | No |
| Application | autodesk | autocad | 2026 | No |
| Application | autodesk | autocad_architecture | 2026 | No |
| Application | autodesk | autocad_electrical | 2026 | No |
| Application | autodesk | autocad_map_3d | 2026 | No |
| Application | autodesk | autocad_mechanical | 2026 | No |
| Application | autodesk | autocad_mep | 2026 | No |
| Application | autodesk | autocad_plant_3d | 2026 | No |
| Application | autodesk | civil_3d | 2026 | No |
| Application | autodesk | infraworks | 2026 | No |
| Application | autodesk | inventor | 2026 | No |
| Application | autodesk | revit | 2026 | No |
| Application | autodesk | revit_lt | 2026 | No |
| Application | autodesk | vault | 2026 | No |