Primary

Context

Autodesk AutoCAD Memory Corruption Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Patched

A memory corruption vulnerability has been identified in Autodesk AutoCAD 2026. When a maliciously crafted DGN file is linked or imported into AutoCAD, it can lead to memory corruption. This vulnerability allows a malicious actor to execute arbitrary code within the context of the current process.

Impact

Exploitation of this vulnerability could lead to memory corruption, allowing for arbitrary code execution in the context of the current process.

Remediation

Users are advised to update to Autodesk AutoCAD 2026.1 or a more recent version. These security fixes are not included in the updates specific to individual toolsets for Autodesk Advance Steel, Autodesk Civil 3D, and the specialized toolsets of AutoCAD. For AutoCAD-based products, the latest version should be installed via Autodesk Access or the Accounts Portal.

Added: Aug 15, 2025, 3:17 PM

Updated: Aug 15, 2025, 3:17 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

10.0

exploitability

4.4

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

10.0

exploitability

4.4

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Autodesk AutoCAD Memory Corruption Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

Autodesk AutoCAD

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating