Autodesk Revit Use-After-Free Vulnerability in RFA File Handling Allowing Code Execution

Vulnerability

A use-after-free vulnerability has been identified in Autodesk Revit, triggered by a maliciously crafted RFA file. When such a file is linked or imported into Revit, it can cause a use-after-free condition. This vulnerability could be exploited to force the application to crash, read sensitive data, or execute arbitrary code within the context of the current process.

Impact

Exploitation of this vulnerability can lead to application crashes, unauthorized access to sensitive data, and execution of arbitrary code in the current process context.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

8.1

exploitability

4.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

8.1

exploitability

4.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Autodesk Revit Use-After-Free Vulnerability in RFA File Handling Allowing Code Execution

Vulnerability

Impact

Affected Products

Autodesk Revit

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating