Описание
A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 2025 (включая) до 2025.4 (исключая)
cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00291
Низкий
7.8 High
CVSS3
Дефекты
CWE-426
CWE-426
Связанные уязвимости
CVSS3: 7.8
github
около 1 года назад
A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and execute arbitrary code in the context of the current process due to an untrusted search patch being utilized.
EPSS
Процентиль: 52%
0.00291
Низкий
7.8 High
CVSS3
Дефекты
CWE-426
CWE-426