Volerion logoVolerion
Volerion logoVolerion

Autodesk 3ds Max Out-of-Bounds Write Vulnerability Allowing Code Execution

Vulnerability

An out-of-bounds write vulnerability has been identified in Autodesk 3ds Max versions 2026 and 2027. This vulnerability arises when the application parses a maliciously crafted TIF file, leading to potential memory corruption. A malicious actor could exploit this vulnerability to execute arbitrary code within the context of the current process, cause data corruption, or induce a crash, disrupting the application's normal operation.

Impact

Exploitation of this vulnerability can lead to memory corruption, allowing for arbitrary code execution in the context of the current process. Additionally, it could cause data corruption or result in the application crashing, creating a denial-of-service condition.

Remediation

Users are advised to update to Autodesk 3ds Max versions 2026.1 or 2027.1, available through the Autodesk Access application or the Accounts Portal.

Added: May 26, 2026, 10:31 PM
Updated: May 26, 2026, 10:31 PM

Vulnerability Rating

Custom Algorithm
spread
4.2
impact
7.5
exploitability
3.6
remediation
7.9
relevance
9.6
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.