CVE-2025-5042

A maliciously crafted RFA file, when parsed through Autodesk Revit, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVSS

No CVSS.

References

Link	Resource
https://www.autodesk.com/products/autodesk-access/overview
https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0013	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:autodesk:revit:*:*:*:*:*:*:*:*

History

19 Aug 2025, 14:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~7.8~~	v2 : unknown v3 : unknown
References		() https://www.autodesk.com/products/autodesk-access/overview -

30 Jul 2025, 17:41

Type	Values Removed	Values Added
CPE		cpe:2.3:a:autodesk:revit::::::::
References	~~() https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0013 -~~	() https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0013 - Vendor Advisory
First Time		Autodesk Autodesk revit

22 Jul 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-22 16:15

Updated : 2025-08-19 14:15

NVD link : CVE-2025-5042

Mitre link : CVE-2025-5042

JSON object : View

Products Affected

autodesk

revit

CWE

No CWE.

JSON object

Attach tags to CVE-2025-5042

Attach tags to `CVE-2025-5042`