1. Home
  2. CVE Database
  3. CVE-2025-5046
HIGH · 7.8

CVE-2025-5046

A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read s...

Vulnerability Description

A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

CVSS Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
AutodeskAdvance Steel2026
AutodeskAutocad2026
AutodeskAutocad Architecture2026
AutodeskAutocad Electrical2026
AutodeskAutocad Lt2026
AutodeskAutocad Map 3D2026
AutodeskAutocad Mechanical2026
AutodeskAutocad Mep2026
AutodeskAutocad Plant 3D2026
AutodeskCivil 3D2026

Related Weaknesses (CWE)

CWE-125

References

FAQ

What is CVE-2025-5046?

CVE-2025-5046 is a vulnerability with a CVSS score of 7.8 (HIGH). A maliciously crafted DGN file, when linked or imported into Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read s...

How severe is CVE-2025-5046?

CVE-2025-5046 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-5046?

Check the references section above for vendor advisories and patch information. Affected products include: Autodesk Advance Steel, Autodesk Autocad, Autodesk Autocad Architecture, Autodesk Autocad Electrical, Autodesk Autocad Lt.