CVE-2025-8894

🔴 HIGH

A maliciously crafted PDF file, when parsed through certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read s...

Published

Sep 16, 2025

Last Modified

Sep 19, 2025

Views

Bookmarks

Description

Request Expert Review

Affected Products (11)

autodesk - autocad_plant_3d

Version: *

autodesk - advance_steel

Version: *

autodesk - civil_3d

Version: *

autodesk - autocad_lt

Version: *

autodesk - revit

Version: *

autodesk - autocad

Version: *

autodesk - autocad_architecture

Version: *

autodesk - autocad_electrical

Version: *

autodesk - autocad_mechanical

Version: *

autodesk - autocad_mep

Version: *

autodesk - autocad_map_3d

Version: *

CVSS Scores

CVSS 3.1 7.8

7.8

HIGH

CVSS 2.0 7.8

References

www.autodesk.com www.autodesk.com

Additional Information

Source: psirt@autodesk.com
State: Analyzed

Related CVEs

CVE-2025-13161

HIGH

IQ-Support developed by IQ Service International has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relati...

Score: 7.5

CVE-2025-13160

MEDIUM

IQ-Support developed by IQ Service International has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to a...

Score: 5.3

CVE-2025-12904

HIGH

The SNORDIAN's H5PxAPIkatchu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'insert_data' AJAX endpoint in all versions up...

Score: 7.2

CVE-2025-64530

HIGH

Apollo Federation is an architecture for declaratively composing APIs into a unified graph. A vulnerability in versions of Apollo Federation's composi...

Score: 7.5

CVE-2025-64753

MEDIUM

grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with only partial read access to a document could still access endpoints li...

Score: 5.3

CVE-2025-64752

MEDIUM

grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with access to any document on a Grist installation can use a feature for f...

Score: 6.8

Share CVE-2025-8894

Share on Social Media

Copy Link

Embed Code

HTML Embed (for websites/blogs)

Markdown (for GitHub/Discord)

Request Expert Analysis

Request a professional security analysis for CVE-2025-8894 from our verified experts.

Credits System

Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!

Priority Level

SLA Acceleration (50% faster delivery)

Add 3 credits for accelerated delivery

Additional Context (Optional)

Base Cost: 8 credits

Priority Upgrade: + credits

SLA Acceleration: +3 credits

Total Cost:

Your Balance:

Insufficient Credits

You need more credits to submit this request.

Buy Credits

CVE-2025-8894

Description

Affected Products (11)

autodesk - autocad_plant_3d

autodesk - advance_steel

autodesk - civil_3d

autodesk - autocad_lt

autodesk - revit

autodesk - autocad

autodesk - autocad_architecture

autodesk - autocad_electrical

autodesk - autocad_mechanical

autodesk - autocad_mep

autodesk - autocad_map_3d

CVSS Scores

References

Additional Information

Related CVEs

CVE-2025-13161

CVE-2025-13160

CVE-2025-12904

CVE-2025-64530

CVE-2025-64753

CVE-2025-64752

Share CVE-2025-8894

Share on Social Media

Copy Link

Embed Code

Request Expert Analysis

Credits System

Insufficient Credits

Report Analysis