CNNVD-202507-3642 Information

Jul 29, 2025 cve

CNNVD ID

CNNVD-202507-3642

CVE-2025-7675

  • CNNVD Published: 2025-07-29

Description (Chinese)

Autodesk Advance Steel等都是美国Autodesk公司的产品。Autodesk Advance Steel是一套钢筋结构分析3D建模软件。Autodesk AutoCAD是一套专业的3D绘图软件。Autodesk Civil 3D是一套面向土木工程设计与文档编制的建筑信息模型(BIM)解决方案。 Autodesk多款产品存在安全漏洞,该漏洞源于解析3DM文件时存在越界写入,可能导致崩溃、数据损坏或任意代码执行。以下产品受到影响:utodesk AutoCAD、Autodesk Advance Steel和Autodesk Civil 3D。

Description (English)

Autodek Advance Steel and others are products of the United States company Autodek. Autodesk Advance Steel is a 3D modeling software package for the analysis of steel bars. Autodesk AutoCAD is a professional 3D drawing software. Autodesk Civil 3D is a BIM solution for civil engineering design and documentation. There is a safety loophole in Autodesk ’ s multiple products, which stems from the cross-border writing of 3DM documents, which can lead to collapse, data damage or arbitrary code enforcement. The following products were affected: utodek AutoCAD, Autodek Advance Steel and Autodek Civil 3D.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Autodesk

Published

2025-07-29

Last Modified

2026-02-24

References

https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015 https://www.autodesk.com/products/autodesk-access/overview https://access.redhat.com/security/cve/cve-2025-7675 https://nvd.nist.gov/vuln/detail/CVE-2025-7675

Patch

https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0015

Share on: