CNNVD-202507-3639 Information
CNNVD ID
CNNVD-202507-3639
Related CVE
- CNNVD Published: 2025-07-29
Description (Chinese)
Autodesk Advance Steel等都是美国Autodesk公司的产品。Autodesk Advance Steel是一套钢筋结构分析3D建模软件。Autodesk AutoCAD是一套专业的3D绘图软件。Autodesk Civil 3D是一套面向土木工程设计与文档编制的建筑信息模型(BIM)解决方案。 Autodesk多款产品存在安全漏洞,该漏洞源于解析特制PRT文件导致释放后重用,可能导致任意代码执行。以下产品受到影响:Autodesk AutoCAD、Autodesk Advance Steel和Autodesk Civil 3D。
Description (English)
Autodek Advance Steel and others are products of the United States company Autodek. Autodesk Advance Steel is a 3D modeling software package for the analysis of steel bars. Autodesk AutoCAD is a professional 3D drawing software. Autodesk Civil 3D is a BIM solution for civil engineering design and documentation. There is a safety gap in Autodesk ’ s multiple products, which stems from the decomposition of the specialized PRT file leading to its reuse after release, which may lead to arbitrary code enforcement. The following products were affected: Autodek AutoCAD, Autodek Advance Steel and Autodek Civil 3D.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Autodesk
Published
2025-07-29
Last Modified
2026-02-24
References
https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015 https://www.autodesk.com/products/autodesk-access/overview https://access.redhat.com/security/cve/cve-2025-6636 https://nvd.nist.gov/vuln/detail/CVE-2025-6636
Patch
https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015
Share on: