CVE-2025-1660

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Apr 1, 2025

CWE ID 120

Summary

CVE-2025-1660 is a newly disclosed vulnerability affecting Autodesk Navisworks. Maliciously crafted DWFX files can trigger a Memory Corruption issue during the parsing process. An attacker can exploit this vulnerability by supplying a specially crafted file to force memory corruption, potentially leading to arbitrary code execution within the context of the current process. Successful exploitation could result in significant security risks, including unauthorized access, data theft, or system compromise. Autodesk has released a patch to address this issue, and users are strongly encouraged to apply it as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Autodesk Navisworks Simulate
Navisworks Freedom
Navisworks Manage

Affected Vendors

Autodesk

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Know What Matters

For Customers

For Partners