CVE-2025-5039 HIGH

CVE-2025-5039: Privilege Ecalation due to Untrusted Search Path Vulnerability

Vendor Autodesk
Product AutoCAD
Weakness CWE-426
Published July 24, 2025
Last update May 28, 2026

CVSS base score

7.8/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

A maliciously crafted binary file, when present while loading files in certain Autodesk applications, could lead to execution of arbitrary code in the context of the current process due to an untrusted search path being utilized.

Key dates

02Disclosure timeline

July 24, 2025 CVE published
May 28, 2026 Record updated