CVE-2025-5037 RFA File Parsing Memory Corruption Vulnerability

🗓️ 10 Jul 2025 11:30:47Reported by autodeskType

Malicious RFA file in Autodesk Revit can cause Memory Corruption allowing arbitrary code execution.

Reporter	Title	Published	Views	Family All 18
ATTACKERKB	CVE-2025-5037	10 Jul 202511:30	–	attackerkb
Tenable Nessus	Autodesk Revit 2023.x < 2023.1.8 / 2024.x < 2024.3.3 / 2025.x < 2025.4.2 / 2026.x < 2026.2 Mutliple Vulnerabilities (ADSK-SA-2025-0012)	17 Jul 202500:00	–	nessus
Circl	CVE-2025-5037	15 Jul 202503:00	–	circl
CNNVD	Autodesk Revit 安全漏洞	10 Jul 202500:00	–	cnnvd
CVE	CVE-2025-5037	10 Jul 202511:30	–	cve
EUVD	EUVD-2025-20992	3 Oct 202520:07	–	euvd
NVD	CVE-2025-5037	10 Jul 202512:15	–	nvd
Positive Technologies	PT-2025-29079	10 Jul 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-5037	12 Jul 202512:23	–	redhatcve
The Hacker News	ThreatsDay Bulletin: MS Teams Hack, MFA Hijacking, $2B Crypto Heist, Apple Siri Probe & More	9 Oct 202512:16	–	thn

[
  {
    "cpes": [
      "cpe:2.3:a:autodesk:revit:2026:*:*:*:*:*:*:*",
      "cpe:2.3:a:autodesk:revit:2025:*:*:*:*:*:*:*",
      "cpe:2.3:a:autodesk:revit:2024:*:*:*:*:*:*:*",
      "cpe:2.3:a:autodesk:revit:2023:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Revit",
    "vendor": "Autodesk",
    "versions": [
      {
        "lessThan": "2026.2",
        "status": "affected",
        "version": "2026",
        "versionType": "custom"
      },
      {
        "lessThan": "2025.4.2",
        "status": "affected",
        "version": "2025",
        "versionType": "custom"
      },
      {
        "lessThan": "2024.3.3",
        "status": "affected",
        "version": "2024",
        "versionType": "custom"
      },
      {
        "lessThan": "2023.1.8",
        "status": "affected",
        "version": "2023",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
autodesk	www.autodesk.com/trust/security-advisories/adsk-sa-2025-0012
autodesk	www.autodesk.com/products/autodesk-access/overview

19 Aug 2025 13:15Current

CVSS 3.17.8

EPSS0.00152

CWE-120