CVE-2025-8354

🗓️ 23 Sep 2025 13:20:03Reported by autodeskType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 10 Views

A crafted Revit file format can trigger type confusion, causing crash, data corruption, or code execution.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-8354	23 Sep 202503:00	–	circl
CNNVD	Autodesk Revit 安全漏洞	23 Sep 202500:00	–	cnnvd
Cvelist	CVE-2025-8354 RFA File Parsing Type Confusion Vulnerability	23 Sep 202513:20	–	cvelist
EUVD	EUVD-2025-30888	3 Oct 202520:07	–	euvd
NVD	CVE-2025-8354	23 Sep 202514:15	–	nvd
Positive Technologies	PT-2025-39171	23 Sep 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-8354	25 Sep 202502:53	–	redhatcve
Vulnrichment	CVE-2025-8354 RFA File Parsing Type Confusion Vulnerability	23 Sep 202513:20	–	vulnrichment
Zero Day Initiative	Autodesk Revit RFA File Parsing Type Confusion Remote Code Execution Vulnerability	23 Sep 202500:00	–	zdi

NVD

Node

autodesk revitRange2026–2026.3

[
  {
    "cpes": [
      "cpe:2.3:a:autodesk:revit:2026:*:*:*:*:*:*:*",
      "cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:*",
      "cpe:2.3:a:autodesk:revit:2024:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Revit",
    "vendor": "Autodesk",
    "versions": [
      {
        "lessThan": "2026.3",
        "status": "affected",
        "version": "2026",
        "versionType": "custom"
      },
      {
        "lessThan": "2025.4.4",
        "status": "affected",
        "version": "2025",
        "versionType": "custom"
      },
      {
        "lessThan": "2024.3.4",
        "status": "affected",
        "version": "2024",
        "versionType": "custom"
      }
    ]
  },
  {
    "cpes": [
      "cpe:2.3:a:autodesk:revit_lt:2026:*:*:*:*:*:*:*",
      "cpe:2.3:a:autodesk:revit_lt:2025:*:*:*:*:*:*:*",
      "cpe:2.3:a:autodesk:revit_lt:2024:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Revit LT",
    "vendor": "Autodesk",
    "versions": [
      {
        "lessThan": "2026.3",
        "status": "affected",
        "version": "2026",
        "versionType": "custom"
      },
      {
        "lessThan": "2025.4.4",
        "status": "affected",
        "version": "2025",
        "versionType": "custom"
      },
      {
        "lessThan": "2024.3.4",
        "status": "affected",
        "version": "2024",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
autodesk	www.autodesk.com/products/autodesk-access/overview
autodesk	www.autodesk.com/trust/security-advisories/adsk-sa-2025-0021

02 Dec 2025 15:20Current

7.3High risk

Vulners AI Score7.3

CVSS 3.17.8

EPSS0.0003

SSVC

CWE-843