Product:

Revit

(Autodesk)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 25
Date Id Summary Products Score Patch Annotated
2025-04-15 CVE-2025-1277 A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. Revit 7.8
2025-04-15 CVE-2025-1656 A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Revit 7.8
2025-04-15 CVE-2025-2497 A maliciously crafted DWG file, when parsed through Autodesk Revit, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. Revit 7.8
2024-12-09 CVE-2024-11608 A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. Revit 7.8
2024-10-16 CVE-2024-7993 A maliciously crafted PDF file, when parsed through Autodesk Revit, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. Revit 7.8
2021-12-23 CVE-2021-40160 PDFTron prior to 9.0.7 version may be forced to read beyond allocated boundaries when parsing a maliciously crafted PDF file. This vulnerability can be exploited to execute arbitrary code. Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_lt, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Civil_3d, Design_review, Navisworks, Revit 7.8
2021-12-23 CVE-2021-40161 A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through PDFTron earlier than 9.0.7 version. Advance_steel, Autocad, Autocad_architecture, Autocad_electrical, Autocad_lt, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Civil_3d, Design_review, Navisworks, Revit 7.8
2022-06-21 CVE-2022-27871 Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code. 3ds_max, Advance_steel, Autocad, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Design_review, Navisworks, Revit 7.8
2022-10-07 CVE-2021-40162 A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code. Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Design_review, Dwg_trueview, Fusion, Infrastructure_parts_editor, Infraworks, Inventor, Navisworks, Revit, Storm_and_sanitary_analysis 7.8
2022-10-07 CVE-2021-40163 A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component. Autocad, Autocad_advance_steel, Autocad_architecture, Autocad_civil_3d, Autocad_electrical, Autocad_lt, Autocad_map_3d, Autocad_mechanical, Autocad_mep, Autocad_plant_3d, Design_review, Dwg_trueview, Fusion, Infrastructure_parts_editor, Infraworks, Inventor, Navisworks, Revit, Storm_and_sanitary_analysis 7.8