Autodesk Products Use-After-Free Vulnerability in PRT File Parsing
Vulnerability
A use-after-free vulnerability has been identified in multiple Autodesk products, including AutoCAD 2026 and several specialized toolsets, as well as applications like 3ds Max, Civil 3D, Inventor, Revit, and Vault. This vulnerability arises when a maliciously crafted PRT file is parsed, potentially leading to memory corruption, crashes, unauthorized reading of sensitive data, or execution of arbitrary code within the current process.
Impact
Exploitation of this vulnerability can cause application crashes, unauthorized access to sensitive data, or allow for arbitrary code execution in the context of the current user process.
Remediation
Users are advised to update to Autodesk Shared Components version 2026.3, available through the Autodesk Access or Accounts Portal. No need to update or reinstall individual Autodesk products, as the shared component update can be applied independently.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.