CVE-2026-0537
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-02-04
Last updated on: 2026-02-06
Assigner: Autodesk
Description
Description
A maliciously crafted RGB file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| autodesk | 3ds_max | From 2026 (inc) to 2026.3.2 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs when a specially crafted RGB file is parsed by Autodesk 3ds Max, leading to a memory corruption issue. An attacker can exploit this flaw to execute arbitrary code within the context of the current process.
How can this vulnerability impact me? :
If exploited, this vulnerability can allow an attacker to run arbitrary code on your system with the privileges of the Autodesk 3ds Max process. This could lead to unauthorized actions such as data theft, system compromise, or further malware installation.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70