CVE-2026-0538
BaseFortify
Publication date: 2026-02-04
Last updated on: 2026-02-06
Assigner: Autodesk
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| autodesk | 3ds_max | From 2026 (inc) to 2026.3.2 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability occurs when a maliciously crafted GIF file is parsed by Autodesk 3ds Max, causing an Out-of-Bounds Write. This means that the software writes data outside the boundaries of allocated memory, which can corrupt memory and lead to unexpected behavior.
An attacker can exploit this flaw to execute arbitrary code within the context of the current process, potentially gaining control over the affected system.
How can this vulnerability impact me? :
Exploitation of this vulnerability can allow an attacker to run arbitrary code on your system with the privileges of the Autodesk 3ds Max process.
This can lead to unauthorized actions such as installing malware, stealing data, or disrupting system operations.
Since the vulnerability requires user interaction (UI:R), it may be triggered when a user opens or processes a malicious GIF file.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know