Out-of-Bounds Write Vulnerability in Autodesk Products
CVE-2025-8893

7.8HIGH

Key Information:

Vendor: Autodesk
Status: Revit; Autocad; Autocad Lt; Autocad Architecture
Vendor: CVE Published:; 16 September 2025

What is CVE-2025-8893?

A vulnerability present in certain Autodesk products allows for an Out-of-Bounds Write condition when a specially crafted PDF file is parsed. This flaw enables a malicious actor to potentially exploit the vulnerability, leading to application crashes, data corruption, or execution of arbitrary code with the privileges of the current process. The affected Autodesk Access applications must be patched to mitigate these risks effectively.

Affected Version(s)

Advance Steel 2026 < 2026.1

Advance Steel 2025 < 2025.1.3

AutoCAD 2026 < 2026.1

References

https://www.autodesk.com/products/autodesk-access/overview

patch

https://www.autodesk.com/trust/security-advisories/adsk-s...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Aug 12, 2025