DGN File Parsing Out-of-Bounds Read Vulnerability_CVE-2025-5046

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

Basic Information

ID CVE-2025-5046

Source autodesk

Published Aug 15, 2025 at 14:37

Affected Product

Vendor Autodesk

Product AutoCAD

Version 2026

Affected Versions Autodesk AutoCAD 2026
Autodesk AutoCAD LT 2026
Autodesk AutoCAD Architecture 2026
Autodesk AutoCAD Electrical 2026
Autodesk AutoCAD Mechanical 2026
Autodesk AutoCAD MEP 2026
Autodesk AutoCAD Plant 3D 2026
Autodesk AutoCAD MAP 3D 2026
Autodesk Civil 3D 2026
Autodesk Advance Steel 2026

CWE Classification

CWE-125

References

{
    "lastseen": "",
    "description": "A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.",
    "published": "2025-08-15T14:37:20.897Z",
    "modified": "2025-08-15T14:37:20.897Z",
    "type": "cve",
    "title": "DGN File Parsing Out-of-Bounds Read Vulnerability",
    "source": "autodesk",
    "references": "https://www.autodesk.com/products/autodesk-access/overview\nhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0017",
    "id": "CVE-2025-5046",
    "bulletinFamily": "",
    "cwe": [
        "CWE-125"
    ],
    "cvelist": null,
    "sourceData": "Autodesk AutoCAD 2026\nAutodesk AutoCAD LT 2026\nAutodesk AutoCAD Architecture 2026\nAutodesk AutoCAD Electrical 2026\nAutodesk AutoCAD Mechanical 2026\nAutodesk AutoCAD MEP 2026\nAutodesk AutoCAD Plant 3D 2026\nAutodesk AutoCAD MAP 3D 2026\nAutodesk Civil 3D 2026\nAutodesk Advance Steel 2026",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "AutoCAD",
    "version": "2026",
    "vendor": "Autodesk",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}