CVE-2025-6637
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-29

Last updated on: 2025-08-19

Assigner: Autodesk

Description
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-29
Last Modified
2025-08-19
Generated
2026-05-07
AI Q&A
2025-07-29
EPSS Evaluated
2026-05-05
NVD
CVE-2025-6637
Affected Vendors & Products
Showing 16 associated CPEs
Vendor Product Version / Range
autodesk shared_components 2026.2
autodesk 3ds_max 2026
autodesk advance_steel 2026
autodesk autocad 2026
autodesk autocad_architecture 2026
autodesk autocad_electrical 2026
autodesk autocad_map_3d 2026
autodesk autocad_mechanical 2026
autodesk autocad_mep 2026
autodesk autocad_plant_3d 2026
autodesk civil_3d 2026
autodesk infraworks 2026
autodesk inventor 2026
autodesk revit 2026
autodesk revit_lt 2026
autodesk vault 2026
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an Out-of-Bounds Write issue triggered by parsing a maliciously crafted PRT file in certain Autodesk products. Exploiting it can cause the application to crash, corrupt data, or allow an attacker to execute arbitrary code within the context of the current process.


How can this vulnerability impact me? :

If exploited, this vulnerability can lead to application crashes, data corruption, or arbitrary code execution, potentially allowing an attacker to take control of the affected process or disrupt normal operations.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for the opening or importing of maliciously crafted PRT files in affected Autodesk products. Since exploitation requires user interaction with such files, detection involves auditing file access and application logs for suspicious PRT file activity. Specific commands are not provided in the available resources. [1]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include updating the Autodesk Shared Components to version 2026.3 or later via Autodesk Access or the Accounts Portal without reinstalling the host products. Additionally, users should only open or import PRT files from trusted sources to reduce the risk of exploitation. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart