CVE-2025-9458
📋 TL;DR
This vulnerability allows attackers to execute arbitrary code by tricking users into opening malicious PRT files in affected Autodesk products. Users of Autodesk Access and potentially other Autodesk software are affected when processing untrusted PRT files.
💻 Affected Systems
- Autodesk Access
- Other Autodesk products that parse PRT files
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise with attacker gaining the same privileges as the user running the vulnerable software, potentially leading to data theft, ransomware deployment, or lateral movement.
Likely Case
Local privilege escalation or malware execution when users open malicious PRT files, potentially leading to credential theft or data exfiltration.
If Mitigated
Limited impact with proper application sandboxing and user privilege restrictions, potentially only causing application crashes.
🎯 Exploit Status
Exploitation requires user interaction to open malicious PRT file. Memory corruption vulnerabilities often require specific conditions to achieve reliable code execution.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check vendor advisory ADSK-SA-2025-0019 for specific patched versions
Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2025-0019
Restart Required: Yes
Instructions:
1. Visit the Autodesk Trust Center advisory. 2. Identify affected products and versions. 3. Update to the latest patched version through Autodesk Access or product-specific update mechanisms. 4. Restart the application after update.
🔧 Temporary Workarounds
Block PRT file execution
allPrevent execution of PRT files through application control or file extension blocking
Windows: Use AppLocker or Software Restriction Policies to block PRT file execution
macOS/Linux: Use application whitelisting tools
User awareness training
allEducate users not to open PRT files from untrusted sources
🧯 If You Can't Patch
- Implement application sandboxing to limit potential damage from code execution
- Restrict user privileges to prevent system-wide compromise if exploited
🔍 How to Verify
Check if Vulnerable:
Check installed Autodesk product versions against the vendor advisory. Look for PRT file parsing capabilities.Check Version:
Windows: Check via Control Panel > Programs or Autodesk product About dialog; macOS: Check via Applications folder or product About menuVerify Fix Applied:
Verify that Autodesk products are updated to versions listed in the vendor advisory as patched.📡 Detection & Monitoring
Log Indicators:
- Application crashes when opening PRT files
- Unusual process creation from Autodesk applications
- File access to suspicious PRT files
Network Indicators:
- Downloads of PRT files from untrusted sources
- Outbound connections from Autodesk processes to suspicious IPs
SIEM Query:
Process creation where parent process contains 'autodesk' AND (command line contains '.prt' OR file path contains '.prt')