Uncontrolled Memory Allocation Vulnerability in Autodesk Maya
CVE-2025-4605

5.5MEDIUM

Key Information:

Vendor: Autodesk
Status: Usd For Maya; Usd For 3ds Max; Maya
Vendor: CVE Published:; 11 June 2025

What is CVE-2025-4605?

An uncontrolled memory allocation vulnerability exists in Autodesk Maya that can be triggered by loading a specially crafted .usdc file. This can lead to a denial-of-service condition or potential data corruption, enabling malicious actors to disrupt service or compromise user data. Users are advised to exercise caution when handling .usdc files and to stay informed about any patches or updates provided by Autodesk.

Affected Version(s)

Maya 2025 < 2025.3.1

USD for 3ds Max Max USD 0.10

USD for Maya Maya USD 0.31.0

References

https://www.autodesk.com/trust/security-advisories/adsk-s...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 11, 2025
Vulnerability Reserved
May 12, 2025