CVE-2026-0536

7.8 HIGH

📋 TL;DR

A stack-based buffer overflow vulnerability in Autodesk 3ds Max allows arbitrary code execution when processing malicious GIF files. Attackers can exploit this to run code with the same privileges as the 3ds Max process. Users of affected 3ds Max versions are at risk.

💻 Affected Systems

Products:
  • Autodesk 3ds Max
Versions: Specific versions not detailed in provided references; check vendor advisory for exact affected versions.
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability triggers when parsing GIF files through 3ds Max's image processing functionality.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise via remote code execution leading to data theft, ransomware deployment, or lateral movement within the network.

🟠 Likely Case

Local privilege escalation or malware execution when users open malicious GIF files in 3ds Max.

🟢 If Mitigated

Limited impact with proper application sandboxing, user privilege restrictions, and file validation controls in place.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open a malicious file; no known public exploits at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Autodesk advisory ADSK-SA-2026-0002 for specific patched versions.

Vendor Advisory: https://www.autodesk.com/trust/security-advisories/adsk-sa-2026-0002

Restart Required: Yes

Instructions:

1. Open Autodesk Access or 3ds Max.
2. Check for updates in the application or via Autodesk Access.
3. Apply the latest security update from Autodesk.
4. Restart 3ds Max after installation.

🔧 Temporary Workarounds

Restrict GIF file processing (Windows)

Block or restrict GIF files from being opened in 3ds Max through file type associations or application policies.

Run with reduced privileges (Windows)

Execute 3ds Max with limited user permissions to reduce the impact of potential code execution.

🧯 If You Can't Patch

  • Implement application whitelisting to prevent unauthorized execution of 3ds Max or related processes.
  • Use network segmentation to isolate 3ds Max systems from critical assets.

🔍 How to Verify

Check if Vulnerable:

Check 3ds Max version against affected versions listed in Autodesk advisory ADSK-SA-2026-0002.

Check Version:

In 3ds Max: Help > About Autodesk 3ds Max

Verify Fix Applied:

Confirm 3ds Max version is updated to patched version specified in vendor advisory.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected crashes of 3dsmax.exe
  • Unusual process creation from 3ds Max
  • Security event logs showing privilege escalation

Network Indicators:

  • Outbound connections from 3ds Max to unexpected destinations
  • DNS queries for command and control domains

SIEM Query:

Process Creation where Image contains '3dsmax.exe' AND ParentImage NOT IN ('explorer.exe', 'autodeskaccess.exe')
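The query above looks for 3dsmax.exe launched by an unexpected parent; the "Unusual process creation from 3ds Max" indicator is the mirror case, 3dsmax.exe spawning a child it normally would not. Below is an added Python example (not part of this advisory) that evaluates both rules over constructed Sysmon-style process-creation records. The install paths, the AutodeskAccess.exe executable name and the list of suspicious child binaries are assumptions, not taken from the vendor advisory.

```python
from dataclasses import dataclass
from pathlib import PureWindowsPath

# Constructed sample log: time|Image|ParentImage (paths are assumed, not from the advisory).
SAMPLE_LOG = """\
2026-03-01T09:00:01|C:\\Program Files\\Autodesk\\3ds Max 2026\\3dsmax.exe|C:\\Windows\\explorer.exe
2026-03-01T09:05:12|C:\\Windows\\System32\\cmd.exe|C:\\Program Files\\Autodesk\\3ds Max 2026\\3dsmax.exe
2026-03-01T09:05:13|C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe|C:\\Windows\\System32\\cmd.exe
2026-03-01T09:10:40|C:\\Program Files\\Autodesk\\3ds Max 2026\\3dsmax.exe|C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe
2026-03-01T09:12:00|C:\\Program Files\\Autodesk\\3ds Max 2026\\3dsmax.exe|C:\\Program Files\\Autodesk\\Autodesk Access\\AutodeskAccess.exe
"""

TARGET = "3dsmax.exe"
# Parents the page's SIEM query treats as normal launchers of 3ds Max.
EXPECTED_PARENTS = {"explorer.exe", "autodeskaccess.exe"}
# Assumed set of interpreters/LOLBins a renderer has no business spawning.
SUSPICIOUS_CHILDREN = {"cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe",
                       "cscript.exe", "mshta.exe", "rundll32.exe", "regsvr32.exe"}


@dataclass(frozen=True)
class Alert:
    time: str
    rule: str
    image: str
    parent: str


def basename(path: str) -> str:
    """Case-insensitive file name of a Windows path (works on any host OS)."""
    return PureWindowsPath(path).name.lower()


def parse(log: str):
    """Yield (time, image, parent) tuples, skipping blank lines."""
    for line in log.splitlines():
        if line.strip():
            time, image, parent = line.split("|", 2)
            yield time, image, parent


def evaluate(log: str) -> list[Alert]:
    """Apply both rules. Note: the 09:05:13 grandchild (powershell via cmd)
    is not flagged by either rule; correlating on process ancestry would be needed."""
    alerts = []
    for time, image, parent in parse(log):
        img, par = basename(image), basename(parent)
        if img == TARGET and par not in EXPECTED_PARENTS:
            alerts.append(Alert(time, "unexpected-parent", image, parent))
        if par == TARGET and img in SUSPICIOUS_CHILDREN:
            alerts.append(Alert(time, "suspicious-child", image, parent))
    return alerts
```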
