CVE-2025-10889

EUVD-2025-203475
A maliciously crafted CATPART file, when parsed through certain Autodesk products, can force a Memory corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
autodeskCNA
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
Affected Products (NVD)
VendorProductVersion
autodeskshared_components
𝑥
< 2026.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.autodesk.com/products/autodesk-access/overview
https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0024