A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
References
| Link | Resource |
|---|---|
| https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0001 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
Configuration 7 (hide)
|
Configuration 8 (hide)
|
Configuration 9 (hide)
|
History
08 May 2025, 15:47
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Autodesk autocad Map 3d
Autodesk autocad Electrical Autodesk Autodesk autocad Architecture Autodesk autocad Mechanical Autodesk autocad Mep Autodesk autocad Plant 3d Autodesk autocad Autodesk advance Steel Autodesk civil 3d |
|
| CWE | CWE-787 | |
| Summary |
|
|
| CPE | cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* |
|
| References | () https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0001 - Vendor Advisory |
13 Mar 2025, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-03-13 17:15
Updated : 2025-05-08 15:47
NVD link : CVE-2025-1651
Mitre link : CVE-2025-1651
CVE.ORG link : CVE-2025-1651
JSON object : View
Products Affected
autodesk
- autocad_electrical
- advance_steel
- autocad_mechanical
- autocad
- autocad_plant_3d
- civil_3d
- autocad_architecture
- autocad_mep
- autocad_map_3d