7.8
CVE-2025-5040
- EPSS 0.17%
- Veröffentlicht 10.07.2025 11:31:19
- Zuletzt bearbeitet 19.08.2025 14:15:40
- Quelle psirt@autodesk.com
- CVE-Watchlists
- Unerledigt
RTE File Parsing Heap-Based Overflow Vulnerability
A maliciously crafted RTE file, when parsed through Autodesk Revit, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.17% | 0.065 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@autodesk.com | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-122 Heap-based Buffer Overflow
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().
https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0012
https://www.autodesk.com/products/autodesk-access/overview