Primary

Context

Autodesk Products Type Confusion Vulnerability Allowing Memory Corruption and Arbitrary Code Execution

Vulnerability

Patched

A type confusion vulnerability has been identified in several Autodesk products, including Autodesk Revit, when processing maliciously crafted RFA files. This vulnerability can lead to memory corruption, causing crashes, data corruption, or allowing the execution of arbitrary code within the current process context.

Impact

Exploitation of this vulnerability can result in memory corruption, potentially leading to crashes, data corruption, or arbitrary code execution in the context of the current process.

Remediation

Users are advised to update to the latest version of Autodesk Shared Components via Autodesk Access or the Accounts Portal. These shared component updates can be installed independently of the host products.

Added: Sep 23, 2025, 2:17 PM

Updated: Sep 23, 2025, 2:17 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.4

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.4

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Autodesk Products Type Confusion Vulnerability Allowing Memory Corruption and Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

Autodesk Revit

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating