CVE-2025-5039

{"id": "CVE-2025-5039", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@autodesk.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2025-07-24T17:15:32.817", "references": [{"url": "https://www.autodesk.com/products/autodesk-access/overview", "source": "psirt@autodesk.com"}, {"url": "https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014", "tags": ["Vendor Advisory"], "source": "psirt@autodesk.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "psirt@autodesk.com", "description": [{"lang": "en", "value": "CWE-426"}]}], "descriptions": [{"lang": "en", "value": "A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized."}, {"lang": "es", "value": "Un archivo binario manipulado con fines malintencionados, cuando est\u00e1 presente durante la carga de archivos en ciertas aplicaciones de Autodesk, podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del proceso actual debido al uso de una ruta de b\u00fasqueda no confiable."}], "lastModified": "2025-08-19T14:15:40.773", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:autodesk:infrastructure_parts_editor:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03EE8BC1-4EC3-49E3-9C1C-CFBD8C531ECD", "versionEndExcluding": "2026.0.2", "versionStartIncluding": "2026"}, {"criteria": "cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF7D5DEC-D172-49F2-89AE-9BFC5DFE98A6", "versionEndExcluding": "2026.0.2", "versionStartIncluding": "2026"}, {"criteria": "cpe:2.3:a:autodesk:navisworks_manage:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E916918-4CF5-4628-BD1B-C6FA94CBB353", "versionEndExcluding": "2026.0.2", "versionStartIncluding": "2026"}, {"criteria": "cpe:2.3:a:autodesk:navisworks_simulate:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5AB26D6-C349-48FB-9A09-C32C987904A8", "versionEndExcluding": "2026.0.2", "versionStartIncluding": "2026"}, {"criteria": "cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B92B643-9C29-4604-8967-EB7A238120AB", "versionEndExcluding": "2026.0.2", "versionStartIncluding": "2026"}, {"criteria": "cpe:2.3:a:autodesk:vault:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAA7B4A5-345D-47E2-B295-0AF2BE88C19E", "versionEndExcluding": "2026.0.2", "versionStartIncluding": "2026"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@autodesk.com"}