Revit@2025 Security Vulnerabilities and Issues — Revit@2025 CVE List

Lucene search

AutodeskRevit2025

18 matches found

CVE•added 2024/12/09 6:15 p.m.•59 views

CVE-2024-11268

A maliciously crafted PDF file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read. A malicious actor can leverage this vulnerability to cause a crash or could lead to an arbitrary memory leak.

5.5CVSS5.4AI score0.00063EPSS

CVE•added 2025/04/15 9:15 p.m.•56 views

CVE-2025-1275

A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

7.8CVSS7.8AI score0.00023EPSS

CVE•added 2025/04/15 9:15 p.m.•56 views

CVE-2025-1656

A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

7.8CVSS7.7AI score0.00016EPSS

CVE•added 2024/12/09 6:15 p.m.•55 views

CVE-2024-11608

A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

7.8CVSS7.5AI score0.00074EPSS

CVE•added 2025/04/15 9:15 p.m.•54 views

CVE-2025-1273

7.8CVSS7.7AI score0.00016EPSS

CVE•added 2025/04/15 9:15 p.m.•52 views

CVE-2025-1274

A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

7.8CVSS7.8AI score0.00026EPSS

CVE•added 2025/04/15 9:15 p.m.•52 views

CVE-2025-1277

A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

7.8CVSS7.8AI score0.00016EPSS

CVE•added 2025/04/15 9:15 p.m.•51 views

CVE-2025-2497

A maliciously crafted DWG file, when parsed through Autodesk Revit, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

7.8CVSS7.9AI score0.00016EPSS

CVE•added 2024/12/09 6:15 p.m.•50 views

CVE-2024-11454

A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized.

7.8CVSS7.8AI score0.00074EPSS

CVE•added 2024/10/16 10:15 p.m.•48 views

CVE-2024-7993

A maliciously crafted PDF file, when parsed through Autodesk Revit, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

7.8CVSS7.8AI score0.00083EPSS

CVE•added 2025/04/15 9:15 p.m.•46 views

CVE-2025-1276

A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

7.8CVSS7.8AI score0.00014EPSS

CVE•added 2025/06/02 5:15 p.m.•46 views

CVE-2025-5036

A maliciously crafted RFA file, when linked or imported into Autodesk Revit, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

7.8CVSS7.7AI score0.00029EPSS

CVE•added 2024/08/21 10:15 a.m.•44 views

CVE-2024-37008

A maliciously crafted DWG file, when parsed in Revit, can force a stack-based buffer overflow. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

7.8CVSS7.9AI score0.00218EPSS

CVE•added 2024/10/16 10:15 p.m.•44 views

CVE-2024-7994

A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

7.8CVSS7.7AI score0.00031EPSS

CVE•added 2025/07/10 12:15 p.m.•14 views

CVE-2025-5037

A maliciously crafted RFA, RTE, or RVT file, when parsed through Autodesk Revit, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

7.8CVSS7.1AI score0.00029EPSS

CVE•added 2025/07/10 12:15 p.m.•9 views

CVE-2025-5040

A maliciously crafted RTE file, when parsed through Autodesk Revit, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

7.8CVSS7AI score0.00029EPSS

CVE•added 2025/09/16 3:15 p.m.•9 views

CVE-2025-8894

A maliciously crafted PDF file, when parsed through certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

7.8CVSS7.2AI score0.00023EPSS

CVE•added 2025/09/16 3:15 p.m.•6 views

CVE-2025-8893

A maliciously crafted PDF file, when parsed through certain Autodesk products, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.

7.8CVSS7.3AI score0.00029EPSS