CVE-2025-2497

🗓️ 15 Apr 2025 20:55:34Reported by autodeskType

Malicious DWG file can exploit Autodesk Revit, causing stack-based buffer overflow vulnerability.

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2025-2497	15 Apr 202521:15	–	attackerkb
Tenable Nessus	Autodesk Revit 2024.x < 2024.3.2 / 2025.x < 2025.4.1 Multiple Vulnerabilities	18 Apr 202500:00	–	nessus
Circl	CVE-2025-2497	18 Apr 202503:57	–	circl
CNNVD	Autodesk Revit 缓冲区错误漏洞	15 Apr 202500:00	–	cnnvd
Cvelist	CVE-2025-2497 DWG File Parsing Stack-Based Buffer Vulnerability	15 Apr 202520:55	–	cvelist
EUVD	EUVD-2025-11002	3 Oct 202520:07	–	euvd
NVD	CVE-2025-2497	15 Apr 202521:15	–	nvd
OSV	CVE-2025-2497	15 Apr 202521:15	–	osv
RedhatCVE	CVE-2025-2497	17 Apr 202521:03	–	redhatcve
Vulnrichment	CVE-2025-2497 DWG File Parsing Stack-Based Buffer Vulnerability	15 Apr 202520:55	–	vulnrichment

NVD

Node

autodesk revitRange2024–2024.3.2

autodesk revitRange2025–2025.4.1

[
  {
    "cpes": [
      "cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:*",
      "cpe:2.3:a:autodesk:revit:2024:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Revit",
    "vendor": "Autodesk",
    "versions": [
      {
        "lessThan": "2025.4.1",
        "status": "affected",
        "version": "2025",
        "versionType": "custom"
      },
      {
        "lessThan": "2024.3.2",
        "status": "affected",
        "version": "2024",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
autodesk	www.autodesk.com/products/autodesk-access/overview
autodesk	www.autodesk.com/trust/security-advisories/adsk-sa-2025-0005

17 Jun 2026 09:07Current

7.9High risk

Vulners AI Score7.9

CVSS 3.17.8

EPSS0.00274

SSVC