CNNVD-202507-3113 Information
CNNVD ID
CNNVD-202507-3113
Related CVE
- CNNVD Published: 2025-07-24
Description (Chinese)
Autodesk Revit等都是美国Autodesk公司的产品。Autodesk Revit是一套建筑信息模型软件。 Autodesk Infrastructure Parts Editor是一个参数化形状编辑工具。Autodesk Navisworks Manage是一款项目审阅平台。 Autodesk多款产品存在安全漏洞,该漏洞源于加载文件时使用不受信任的搜索路径,可能导致在当前进程环境中执行任意代码。以下产品受到影响:Autodesk Infrastructure Parts Editor、Autodesk Inventor、Autodesk Navisworks Manage、Autodesk Navisworks Simulate、Autodesk Revit、Autodesk Vault Basic Client。
Description (English)
Autodesk Revit, etc., are products of the United States company Autodesk. Autodesk Revit is a set of building information model software. Autodesk Infrestructure Partes Editor is a parameterized shape editing tool. Autodesk Navisworks Manage is a project review platform. There is a security loophole in Autodesk ’ s multiple products, which stems from the use of untrusted search paths when loading documents and may lead to the implementation of arbitrary codes in the current process environment. The following products have been affected: Autodesk Industrial Partes Editor, Autodesk Inventor, Autodesk Navvisworks Manage, Autodesk Navisworks Simulate, Autodesk Revit, Autodesk Vault Basic Clinic.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Autodesk
Published
2025-07-24
Last Modified
2026-02-24
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014 https://www.autodesk.com/products/autodesk-access/overview https://access.redhat.com/security/cve/cve-2025-5039 https://nvd.nist.gov/vuln/detail/CVE-2025-5039
Patch
https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014
Share on: