Vulnerability Database

289,689

Total vulnerabilities in the database

CVE-2024-11608

A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

  • Published: Dec 9, 2024
  • Updated: May 8, 2025
  • CVE: CVE-2024-11608
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.8
  • AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

Software From Fixed in
autodesk / revit 2024 2024.3.2
autodesk / revit 2023 2023.1.7
autodesk / revit 2025 2025.4