Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
6DescriptionCVE.org
A maliciously crafted RFA, RTE, or RVT file, when parsed through Autodesk Revit, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
AnalysisAI
CVE-2025-5037 is a memory corruption vulnerability in Autodesk Revit triggered by parsing maliciously crafted RFA, RTE, or RVT files, allowing unauthenticated local attackers with user interaction to execute arbitrary code with the privileges of the Revit process. With a CVSS score of 7.8 and requiring only local access and user interaction (opening a file), this vulnerability poses significant risk to design and engineering teams who routinely handle external Revit model files.
Technical ContextAI
The vulnerability exists in Autodesk Revit's file parsing engine, specifically in the handling of RFA (Revit Family), RTE (Revit Template), and RVT (Revit Project) binary file formats. The root cause is classified as CWE-120 (Buffer Copy without Checking Size of Input), a classic buffer overflow or similar memory safety issue in the file deserialization logic. When Revit processes a specially crafted file with malformed headers, metadata, or embedded geometry data, the parser fails to properly validate input boundaries before copying data into fixed-size buffers. This memory corruption occurs during the initial file parsing phase before the model is fully loaded, affecting the BIM (Building Information Modeling) document format processing within the application's core libraries.
RemediationAI
- Immediate: Update Autodesk Revit to the patched version released by Autodesk (specific version numbers should be obtained from Autodesk's official security advisory). 2. Workarounds: Do not open RFA, RTE, or RVT files from untrusted sources until patched; validate file integrity and source before opening. 3. Network Controls: Implement email gateway scanning for Revit file attachments; restrict file sharing through unencrypted channels. 4. Monitoring: Deploy file execution monitoring to detect suspicious Revit process behavior after file opening. Check Autodesk's official security bulletins and the Revit product documentation portal for patch availability and detailed patch numbers.
A maliciously crafted RCS file, when parsed through Autodesk Revit, can force an Out-of-Bounds Write vulnerability. Rate
A maliciously crafted JPG file, when linked or imported into certain Autodesk applications, can force a Heap-Based Overf
A maliciously crafted DWG file, when parsed through Autodesk Revit, can cause a Stack-Based Buffer Overflow vulnerabilit
A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vuln
A maliciously crafted PDF file, when parsed through Autodesk applications, can force a Memory Corruption vulnerability.
A maliciously crafted PDF file, when linked or imported into Autodesk applications, can force a Heap-Based Overflow vuln
Use-After-Free vulnerability (CWE-416) in Autodesk Revit triggered by maliciously crafted RFA (Revit Family) files that
A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vuln
CVE-2025-5040 is a heap-based buffer overflow vulnerability in Autodesk Revit's RTE file parser that allows local attack
A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow.
A maliciously crafted DLL file, when placed in the same directory as an RVT file could be loaded by Autodesk Revit, and
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. Rated high
Same weakness CWE-120 – Classic Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-20992