CVE-2025-9452
📋 TL;DR
A memory corruption vulnerability in Autodesk products allows arbitrary code execution when parsing malicious SLDPRT files. This affects users of specific Autodesk software versions that process these CAD files. Attackers can exploit this to gain control of the affected system.
💻 Affected Systems
- Autodesk Access
- Other Autodesk products that parse SLDPRT files
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Full system compromise with attacker gaining the same privileges as the user running the vulnerable Autodesk software, potentially leading to data theft, ransomware deployment, or lateral movement.
Likely Case
Local privilege escalation or remote code execution when users open malicious SLDPRT files, resulting in malware installation or data exfiltration.
If Mitigated
Limited impact with proper application sandboxing and user privilege restrictions, potentially containing the exploit to the application context.
🎯 Exploit Status
Exploitation requires user interaction to open a malicious file. No public exploit code is currently available.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Versions specified in Autodesk advisory ADSK-SA-2025-0024
Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0024
Restart Required: Yes
Instructions:
1. Review Autodesk advisory ADSK-SA-2025-0024. 2. Identify affected products and versions. 3. Update to patched versions through Autodesk Access or official download channels. 4. Restart systems after patching.
🔧 Temporary Workarounds
Restrict SLDPRT file processing
allBlock or restrict processing of SLDPRT files through vulnerable applications
Application sandboxing
allRun Autodesk applications in restricted environments or containers
🧯 If You Can't Patch
- Implement strict file type filtering to block SLDPRT files at network boundaries
- Run Autodesk applications with minimal user privileges and in isolated environments
🔍 How to Verify
Check if Vulnerable:
Check installed Autodesk product versions against affected versions listed in advisory ADSK-SA-2025-0024Check Version:
Check through Autodesk Access or product About dialogVerify Fix Applied:
Verify installed version matches or exceeds patched version specified in Autodesk advisory📡 Detection & Monitoring
Log Indicators:
- Unexpected process crashes of Autodesk applications
- Suspicious file parsing activities
- Unusual outbound connections after file processing
Network Indicators:
- Unexpected network connections from Autodesk processes
- File downloads of SLDPRT files from untrusted sources
SIEM Query:
Process:autodesk* AND (EventID:1000 OR EventID:1001) OR FileExtension:.sldprt AND SourceIP:external