CVE-2025-1652
HIGHDescription
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
Is your site exposed to CVE-2025-1652?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| autodesk | autocad |
| autodesk | autocad |
| autodesk | autocad |
| autodesk | autocad |
| autodesk | advance_steel |
| autodesk | advance_steel |
| autodesk | advance_steel |
| autodesk | advance_steel |
| autodesk | civil_3d |
| autodesk | civil_3d |
| autodesk | civil_3d |
| autodesk | civil_3d |
| autodesk | autocad_mechanical |
| autodesk | autocad_mechanical |
| autodesk | autocad_mechanical |
| autodesk | autocad_mechanical |
| autodesk | autocad_mep |
| autodesk | autocad_mep |
| autodesk | autocad_mep |
| autodesk | autocad_mep |
| autodesk | autocad_plant_3d |
| autodesk | autocad_plant_3d |
| autodesk | autocad_plant_3d |
| autodesk | autocad_plant_3d |
| autodesk | autocad_map_3d |
| autodesk | autocad_map_3d |
| autodesk | autocad_map_3d |
| autodesk | autocad_map_3d |
| autodesk | autocad_architecture |
| autodesk | autocad_architecture |
| autodesk | autocad_architecture |
| autodesk | autocad_architecture |
| autodesk | autocad_electrical |
| autodesk | autocad_electrical |
| autodesk | autocad_electrical |
| autodesk | autocad_electrical |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2025-1652? +
How severe is CVE-2025-1652? +
What products are affected by CVE-2025-1652? +
How do I check if I'm vulnerable to CVE-2025-1652? +
Related Vulnerabilities
libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where get_byte_inc() in src/oscore/oscore_cbor.c relies solely on assert() …
Out-of-bounds read vulnerability in Citrix Citrix Secure Access Client for Windows. This issue affects Citrix Secure Access Client for Windows: …
An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system …
HTML::Bare versions through 0.04 for Perl have an unbounded character lookahead. The parserc_parse function attempts to check for multicharacter strings …
XML::Bare versions through 0.53 for Perl have an unbounded character lookahead. The parserc_parse function attempts to check for multicharacter strings …
YAML::Syck versions before 1.47 for Perl allow an out-of-bounds read via a signed-char lookup-table index in syck_base64dec. The base64 decoder …