Memory Corruption Vulnerability in Autodesk 3ds Max
CVE-2025-6634

7.8HIGH

Key Information:

Vendor: Autodesk
Status: 3ds Max
Vendor: CVE Published:; 6 August 2025

What is CVE-2025-6634?

A memory corruption flaw in Autodesk 3ds Max can be exploited through a specially crafted TGA file. When this file is linked or imported, it may trigger the execution of arbitrary code within the current process context. This vulnerability highlights the importance of validating input files and employing security measures to prevent malicious file exploitation. Users and administrators are encouraged to patch their systems promptly and follow security best practices to mitigate risks.

Affected Version(s)

3ds Max 2026 < 2026.2

References

https://www.autodesk.com/trust/security-advisories/adsk-s...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2025
Vulnerability Reserved
Jun 25, 2025