AutoDesk 3ds Max
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in AutoDesk 3ds Max.
By the Year
In 2025 there have been 5 vulnerabilities in AutoDesk 3ds Max with an average score of 7.8 out of ten. Last year, in 2024 3ds Max had 1 security vulnerability published. That is, 4 more vulnerabilities have already been reported in 2025 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 5 | 7.80 |
| 2024 | 1 | 0.00 |
| 2023 | 1 | 7.80 |
| 2022 | 4 | 7.80 |
It may take a day or so for new 3ds Max vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent AutoDesk 3ds Max Security Vulnerabilities
Use-After-Free in Autodesk 3ds Max DWG Parser allows arbitrary code exec
CVE-2025-11797
7.8 - High
- November 12, 2025
A maliciously crafted DWG file, when parsed through Autodesk 3ds Max, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
Dangling pointer
Autodesk 3ds Max OOB Write via Malformed JPG (CVE-2025-11795)
CVE-2025-11795
7.8 - High
- November 12, 2025
A maliciously crafted JPG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
Memory Corruption
Autodesk 3ds Max OOB Write via Malicious RBG File
CVE-2025-6633
7.8 - High
- August 06, 2025
A maliciously crafted RBG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process.
3ds Max OOB Read via PSD Import
CVE-2025-6632
7.8 - High
- August 06, 2025
A maliciously crafted PSD file, when linked or imported into Autodesk 3ds Max, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
Memory Corruption RCE via Malicious TGA in Autodesk 3ds Max
CVE-2025-6634
7.8 - High
- August 06, 2025
A maliciously crafted TGA file, when linked or imported into Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
Autodesk 3ds Max OOB Read/Write via Malformed 3DM Files
CVE-2024-23143
- June 25, 2024
A maliciously crafted 3DM, MODEL and X_B file, when parsed in ASMkern229A.dll and ASMBASE229A.dll through Autodesk applications, can force an Out-of-Bound Read and/or Out-of-Bound Write. A malicious actor can leverage this vulnerability to cause a crash,read sensitive data, or execute arbitrary code in the context of the current process.
Out-of-bounds Read
A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability
CVE-2023-25002
7.8 - High
- June 27, 2023
A maliciously crafted SKP file in Autodesk products is used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
Dangling pointer
A Stack-based Buffer Overflow Vulnerability in Autodesk 3ds Max 2022
CVE-2022-25793
7.8 - High
- August 10, 2022
A Stack-based Buffer Overflow Vulnerability in Autodesk 3ds Max 2022, 2021, and 2020 may lead to code execution through the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer when parsing ActionScript Byte Code files. This vulnerability may allow arbitrary code execution on affected installations of Autodesk 3ds Max.
Improper Validation of Specified Quantity in Input
Autodesk AutoCAD product suite
CVE-2022-27871
7.8 - High
- June 21, 2022
Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code.
Allocation of Resources Without Limits or Throttling
A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TIF files
CVE-2022-27532
7.8 - High
- June 16, 2022
A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TIF files. This vulnerability in conjunction with other vulnerabilities could lead to arbitrary code execution.
Memory Corruption
A maliciously crafted TIF file
CVE-2022-27531
7.8 - High
- June 16, 2022
A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing the TIF files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
Out-of-bounds Read
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for AutoDesk 3ds Max or by AutoDesk? Click the Watch button to subscribe.
