Untrusted Search Path Vulnerability when opening max Files_CVE-2026-0662

7.8 / 10

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitrary code in the context of the current process due to an Untrusted Search Path being utilized.

Basic Information

ID CVE-2026-0662

Source autodesk

Published Feb 4, 2026 at 16:28

Affected Product

Vendor Autodesk

Product 3ds Max

Version 2026

Affected Versions Autodesk 3ds Max 2026

CWE Classification

CWE-426

References

{
    "lastseen": "",
    "description": "A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitrary code in the context of the current process due to an Untrusted Search Path being utilized.",
    "published": "2026-02-04T16:28:31.980Z",
    "modified": "2026-02-04T16:28:31.980Z",
    "type": "cve",
    "title": "Untrusted Search Path Vulnerability when opening max Files",
    "source": "autodesk",
    "references": "https://www.autodesk.com/products/autodesk-access/overview\nhttps://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0002",
    "id": "CVE-2026-0662",
    "bulletinFamily": "",
    "cwe": [
        "CWE-426"
    ],
    "cvelist": null,
    "sourceData": "Autodesk 3ds Max 2026",
    "sourceHref": "",
    "cvss": {
        "score": 7.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "3ds Max",
    "version": "2026",
    "vendor": "Autodesk",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}