Unrated severityNVD Advisory· Published Jul 24, 2025· Updated Feb 26, 2026
Privilege Ecalation due to Untrusted Search Path Vulnerability
CVE-2025-5039
Description
A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.
Affected products
11- cpe:2.3:a:autodesk:autocad_architecture:2026:*:*:*:*:*:*:*Range: 2026
- cpe:2.3:a:autodesk:autocad_electrical:2026:*:*:*:*:*:*:*Range: 2026
- cpe:2.3:a:autodesk:autocad_mechanical:2026:*:*:*:*:*:*:*Range: 2026
- cpe:2.3:a:autodesk:autocad_plant_3d:2026:*:*:*:*:*:*:*Range: 2026
- Autodesk/RealDWGv5cpe:2.3:a:autodesk:realdwg:2026:*:*:*:*:*:*:*Range: 2026
Patches
Vulnerability mechanics
References
2- www.autodesk.com/products/autodesk-access/overviewmitrepatch
- www.autodesk.com/trust/security-advisories/adsk-sa-2025-0014mitrevendor-advisory
News mentions
0No linked articles in our index yet.