CVE-2025-4605
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-06-11
Last updated on: 2025-08-19
Assigner: Autodesk
Description
Description
A maliciously crafted .usdc file, when loaded through Autodesk Maya, can force an uncontrolled memory allocation vulnerability. A malicious actor may leverage this vulnerability to cause a denial-of-service (DoS), or cause data corruption.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| autodesk | maya | From 2025 (inc) to 2025.3.1 (exc) |
| autodesk | universal_scene_description | 0.10 |
| autodesk | universal_scene_description | 0.31.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-789 | The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated. |
| CWE-770 | The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs when a maliciously crafted .usdc file is loaded through Autodesk Maya, causing an uncontrolled memory allocation. This can be exploited by an attacker to trigger a denial-of-service (DoS) condition or cause data corruption.
How can this vulnerability impact me? :
The vulnerability can impact you by allowing an attacker to cause a denial-of-service (DoS), making the application unavailable, or by causing data corruption, potentially affecting the integrity of your data.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70