CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Description
A maliciously crafted RFA, RTE, or RVT file, when parsed through Autodesk Revit, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
Analysis
CVE-2025-5037 is a memory corruption vulnerability in Autodesk Revit, triggered when the application parses a maliciously crafted RFA, RTE, or RVT file. An unauthenticated local attacker who gets a user to open such a file can execute arbitrary code with the privileges of the Revit process. The CVSS score is 7.8, and exploitation requires only local access and user interaction (opening a file), so the vulnerability poses significant risk to design and engineering teams who routinely handle external Revit model files.
Technical Context
The vulnerability exists in Autodesk Revit's file parsing engine, specifically in the handling of RFA (Revit Family), RTE (Revit Template), and RVT (Revit Project) binary file formats. The root cause is classified as CWE-120 (Buffer Copy without Checking Size of Input), a classic buffer overflow or similar memory safety issue in the file deserialization logic. When Revit processes a specially crafted file with malformed headers, metadata, or embedded geometry data, the parser fails to properly validate input boundaries before copying data into fixed-size buffers. This memory corruption occurs during the initial file parsing phase before the model is fully loaded, affecting the BIM (Building Information Modeling) document format processing within the application's core libraries.
Affected Products
Autodesk Revit (specific version numbers not provided in the CVE description but typically affects multiple active versions). Based on CVE patterns, likely affected versions include Revit 2024.x, 2023.x, and potentially 2025.x. Affected file formats: RFA (Family files), RTE (Template files), RVT (Project files). The vulnerability affects the core file parsing engine shared across all Revit editions (Standard, Professional). Users of third-party plugins that process these file formats may also be at indirect risk if they use vulnerable Autodesk libraries.
Remediation
1. **Immediate**: Update Autodesk Revit to the patched version released by Autodesk (specific version numbers should be obtained from Autodesk's official security advisory).
2. **Workarounds**: Do not open RFA, RTE, or RVT files from untrusted sources until patched; validate file integrity and source before opening.
3. **Network Controls**: Implement email gateway scanning for Revit file attachments; restrict file sharing through unencrypted channels.
4. **Monitoring**: Deploy file execution monitoring to detect suspicious Revit process behavior after file opening.
Check Autodesk's official security bulletins and the Revit product documentation portal for patch availability and detailed patch numbers.
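One way to implement the monitoring step above, as an added example that is not part of the original advisory or any Autodesk tooling: it flags shells and script hosts started by `Revit.exe` and records which model file Revit was launched on. The Sysmon-style field names, the child-process list, the untrusted-path markers and all sample events are assumptions constructed for the illustration.

```python
import ntpath
import re

# Assumptions (not from the advisory): events are process-creation records with
# Sysmon Event ID 1 style field names; the child list and path markers are examples.
MODEL_EXTS = (".rfa", ".rte", ".rvt")
SUSPICIOUS_CHILDREN = {"cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe",
                       "cscript.exe", "mshta.exe", "rundll32.exe", "regsvr32.exe"}
UNTRUSTED_MARKERS = ("\\downloads\\", "\\temp\\", "\\content.outlook\\")

def _name(path):
    return ntpath.basename(path).lower()

def _model_arg(cmdline):
    """Return the first command-line argument that names an RFA/RTE/RVT file."""
    for quoted, bare in re.findall(r'"([^"]+)"|(\S+)', cmdline):
        arg = quoted or bare
        if arg.lower().endswith(MODEL_EXTS):
            return arg
    return None

def find_suspicious_children(events):
    """Flag shells and script hosts started by Revit.exe, with the model it was launched on."""
    revit_models = {}  # Revit PID -> model path from its launch command line (or None)
    alerts = []
    for ev in sorted(events, key=lambda e: e["UtcTime"]):
        if _name(ev["Image"]) == "revit.exe":
            revit_models[ev["ProcessId"]] = _model_arg(ev["CommandLine"])
        elif (_name(ev["ParentImage"]) == "revit.exe"
              and ev["ParentProcessId"] in revit_models
              and _name(ev["Image"]) in SUSPICIOUS_CHILDREN):
            model = revit_models[ev["ParentProcessId"]]
            alerts.append({
                "time": ev["UtcTime"], "child": _name(ev["Image"]),
                "command_line": ev["CommandLine"], "model": model,
                "untrusted_path": bool(model) and any(m in model.lower() for m in UNTRUSTED_MARKERS),
            })
    return alerts

# Constructed sample events (paths, PIDs and times are invented for the example).
def _ev(time, pid, image, ppid, parent, cmd):
    return {"UtcTime": time, "ProcessId": pid, "Image": image,
            "ParentProcessId": ppid, "ParentImage": parent, "CommandLine": cmd}

REVIT, EXPLORER = r"C:\Program Files\Autodesk\Revit\Revit.exe", r"C:\Windows\explorer.exe"
SAMPLE_EVENTS = [
    _ev("2025-07-01T09:00:00Z", 4120, REVIT, 900, EXPLORER, rf'"{REVIT}" "C:\Users\eng1\Downloads\site plan.rvt"'),
    _ev("2025-07-01T09:00:41Z", 5000, r"C:\Windows\System32\cmd.exe", 4120, REVIT, "cmd.exe /c whoami"),
    _ev("2025-07-01T09:01:10Z", 5004, r"C:\Tools\addin_helper.exe", 4120, REVIT, "addin_helper.exe --sync"),
    _ev("2025-07-01T09:02:00Z", 5010, r"C:\Windows\System32\cmd.exe", 900, EXPLORER, "cmd.exe"),
]
```

Files opened later through Revit's own File > Open dialog do not appear on the launch command line, so an alert with `model` set to `None` still warrants review.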
EUVD-2025-20992