CVE-2025-11797

7.8 HIGH

📋 TL;DR

A use-after-free vulnerability in Autodesk 3ds Max allows malicious DWG files to cause crashes, data leaks, or arbitrary code execution when opened. This affects all users who process untrusted DWG files with vulnerable versions of 3ds Max. The vulnerability requires user interaction to open a malicious file.

💻 Affected Systems

Products:
  • Autodesk 3ds Max
Versions: Specific versions mentioned in Autodesk advisory ADSK-SA-2025-0023
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects 3ds Max when opening DWG files. Requires user interaction to open a malicious file.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with the privileges of the 3ds Max user, potentially leading to full system compromise, data theft, or lateral movement.

🟠

Likely Case

Application crashes and denial of service when processing malicious files, with potential for limited data exposure.

🟢

If Mitigated

Application crash with no data loss if proper file handling restrictions are in place.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires the user to open a malicious DWG file. No public exploit code was available at the time of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version specified in Autodesk advisory ADSK-SA-2025-0023

Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0023

Restart Required: Yes

Instructions:

1. Open Autodesk Access or Autodesk Desktop App
2. Check for available updates
3. Install the security update for 3ds Max
4. Restart 3ds Max after installation

🔧 Temporary Workarounds

Restrict DWG file handling

windows

Configure 3ds Max not to open DWG files automatically, or restrict the DWG file association

User awareness training

all

Train users to only open DWG files from trusted sources

🧯 If You Can't Patch

  • Implement application whitelisting so that only trusted users can run 3ds Max
  • Use network segmentation to isolate systems running vulnerable 3ds Max versions

🔍 How to Verify

Check if Vulnerable:

Check 3ds Max version against affected versions listed in Autodesk advisory ADSK-SA-2025-0023

Check Version:

In 3ds Max: Help > About 3ds Max

Verify Fix Applied:

Verify that 3ds Max has been updated to the patched version specified in the advisory

📡 Detection & Monitoring

Log Indicators:

  • Application crashes of 3ds Max with memory access violations
  • Unexpected process termination of 3dsmax.exe

Network Indicators:

  • Unusual outbound connections from 3ds Max process

SIEM Query:

(EventID=1000 OR EventID=1001) AND ProcessName="3dsmax.exe" AND (ExceptionCode=0xc0000005 OR ExceptionCode=0xc0000374)
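As an added illustration (not part of this advisory card), the detection logic behind the SIEM query above, run over constructed Windows Application log records. The message layouts are modelled on Event ID 1000 (Application Error) and Event ID 1001 (Windows Error Reporting APPCRASH) entries; the sample events and module names are constructed, and the naive_match helper shows why the EventID clause needs its own parentheses.

```python
import re

# Constructed sample records modelled on Windows Application log entries (not real telemetry).
# Event ID 1000 = Application Error; Event ID 1001 = Windows Error Reporting (APPCRASH bucket).
SAMPLE_EVENTS = [
    {"EventID": 1000, "Message": "Faulting application name: 3dsmax.exe, version: 0.0.0.0, "
     "Exception code: 0xc0000005, Faulting module name: example.dll"},
    {"EventID": 1000, "Message": "Faulting application name: other.exe, version: 1.0.0.0, "
     "Exception code: 0xc0000005, Faulting module name: example.dll"},
    {"EventID": 1001, "Message": "Fault bucket 0, type 0\nEvent Name: APPCRASH\nResponse: Not available\n"
     "P1: 3dsmax.exe\nP2: 0.0.0.0\nP7: c0000374\nP8: 0000000000001234"},
    {"EventID": 1000, "Message": "Faulting application name: 3dsmax.exe, version: 0.0.0.0, "
     "Exception code: 0xe0434352, Faulting module name: KERNELBASE.dll"},  # managed exception, not a memory fault
    {"EventID": 1001, "Message": "Fault bucket 0, type 0\nEvent Name: APPCRASH\nP1: other.exe\nP7: c0000005"},
]

TARGET_PROCESS = "3dsmax.exe"
# Access violation (0xc0000005) and heap corruption (0xc0000374): how a use-after-free usually surfaces.
SUSPECT_CODES = {"0xc0000005", "0xc0000374"}

def extract(event):
    """Return (process, exception_code) from a 1000/1001 message, or (None, None)."""
    msg = event["Message"]
    if event["EventID"] == 1000:
        app = re.search(r"Faulting application name:\s*([^,]+)", msg)
        code = re.search(r"Exception code:\s*(?:0x)?([0-9a-fA-F]+)", msg)
    elif event["EventID"] == 1001:
        app = re.search(r"^P1:\s*(\S+)", msg, re.M)              # APPCRASH P1 = faulting application
        code = re.search(r"^P7:\s*([0-9a-fA-F]+)", msg, re.M)    # APPCRASH P7 = exception code
    else:
        return None, None
    if not (app and code):
        return None, None
    return app.group(1).strip().lower(), "0x" + code.group(1).lower()

def is_suspect_crash(event):
    """The advisory's query with explicit grouping: (1000 OR 1001) AND process AND code."""
    process, code = extract(event)
    return process == TARGET_PROCESS and code in SUSPECT_CODES

def naive_match(event):
    """The query as literally written: AND binds tighter than OR, so every Event 1000 matches."""
    process, code = extract(event)
    return event["EventID"] == 1000 or (
        event["EventID"] == 1001 and process == TARGET_PROCESS and code in SUSPECT_CODES)

def scan(events, matcher=is_suspect_crash):
    """Indices of the events the matcher flags."""
    return [i for i, ev in enumerate(events) if matcher(ev)]
```

Running scan(SAMPLE_EVENTS) flags only the two 3dsmax.exe memory faults, while scan(SAMPLE_EVENTS, naive_match) also flags the unrelated process crash and the managed exception.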

🔗 References
