5 matches found
CVE-2026-1288
The CVE-2026-1288 entry concerns Autodesk Revit. A maliciously crafted RFA file, when converted to FormIt via “Convert RFA to FormIt” in Revit, can trigger a NULL pointer dereference in the processing path. Exploitation may crash the application, resulting in a denial-of-service condition. The pr...
CVE-2025-5042 RFA File Parsing Out-of-Bounds Read Vulnerability
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2025-5042
CVE-2025-5042 concerns Autodesk Revit. A maliciously crafted RFA file parsed by Revit can trigger an Out-of-Bounds Read, potentially crashing the process, reading sensitive data, or executing arbitrary code in the current process context. This is evidenced across multiple connected sources descri...
CVE-2025-5037 RFA File Parsing Memory Corruption Vulnerability
A maliciously crafted RFA, RTE, or RVT file, when parsed through Autodesk Revit, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...
CVE-2025-5036 RFA File Parsing Use-After-Free Vulnerability
A maliciously crafted RFA file, when linked or imported into Autodesk Revit, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...