Worldwide Sites
You have been detected as being from . Where applicable, you can see country-specific product information, offers, and pricing.
Keyboard ALT + g to toggle grid overlay
This page contains important information regarding security vulnerabilities that could affect specific versions of Autodesk products or services.
Autodesk® InfraWorks has been affected by Use-After-Free and XML Entity Expansion vulnerabilities. Exploitation of these vulnerabilities could lead to remote code execution and/or denial-of-service.
Autodesk ID: ADSK-SA-2020-0006
30/10/2020, Friday
A variant of a MAXScript exploit "PhysXPluginMfx" has been identified and a free plugin is now available in the Autodesk App Store to help detect and resolve potential issues caused by this malicious code.
Autodesk ID: ADSK-SA-2020-0005
10/08/2020, Monday
Autodesk InfraWorks has been affected by heap overflow, code injection, out-of-bounds read, and stack-based buffer overflow vulnerabilities in the libcurl component.
Autodesk ID: ADSK-SA-2020-0004
25/06/2020, Thursday
A third-party malicious script was identified and a fix has been made available. The script can execute malicious code that can corrupt the Maya environment, cause data loss and instability, as well as spread to other systems.
Autodesk ID: ADSK-SA-2020-0003
20/05/2020, Wednesday
Applications and Services that utilize the FBX-SDK Ver. 2020.0 or earlier can be impacted by buffer overflow, type confusion, use-after-free, integer overflow, NULL pointer dereference, and heap overflow vulnerabilities.
Autodesk ID: ADSK-SA-2020-0002
15/04/2020, Wednesday
Autodesk® Dynamo BIM is affected by an improper signature validation vulnerability which may lead to code execution through maliciously crafted DLL files.
Autodesk ID: ADSK-SA-2020-0001
01/04/2020, Wednesday
A variant of a MAXScript exploit was identified and a fix has been made available. The exploit can execute malicious code that can corrupt the 3ds Max environment, cause data loss and instability, as well as spread to other systems.
Autodesk ID: ADSK-SA-2019-0005
09/01/2020, Thursday
Autodesk Desktop Application is affected by a DLL preloading vulnerability.
Autodesk ID: ADSK-SA-2019-0004
29/11/2019, Friday
FBX is affected by a buffer overflow vulnerability which may lead to arbitrary code execution on a system running it.
Autodesk ID: ADSK-SA-2019-0003
31/10/2019, Wednesday
Multiple Autodesk products have been affected by DLL preloading and use-after-free vulnerabilities.
Autodesk ID: ADSK-SA-2019-0002
16/08/2019, Friday
Multiple Autodesk® AutoCAD® products have been affected by heap overflow, use-after-free, and deserialization vulnerabilities.
Autodesk ID: ADSK-SA-2019-0001
14/02/2019, Thursday
The Autodesk® Backburner 2016 service command line interface accepts a set of remote telnet commands. When insufficient number of arguments are passed, it fails to handle a specific command request which results in an unhandled Null Dereference state/crash leading to Denial of Service condition.
Autodesk ID: ADSK-SA-2017-001
02/17/2017, Friday
Applications and Services that utilize the Autodesk® FBX-SDK Ver. 2017.0 or earlier for processing FBX, DXF, DAE and 3DS formatted files can be impacted by vulnerabilities related to improper memory allocation when opening malformed files.
Autodesk ID: ADSK-SA-2016-01
12/05/2016, Monday
Vulnerabilities were identified in the Autodesk® Design Review 2013 application that can result in arbitrary and unauthorized remote code execution.
Autodesk ID: ADSK-SA-2016-02
12/14/2016, Wednesday