CVE-2025-11797: CWE-416 Use After Free in Autodesk 3ds Max
A maliciously crafted DWG file, when parsed through Autodesk 3ds Max, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
AI Analysis
Technical Summary
CVE-2025-11797 is a Use-After-Free (CWE-416) vulnerability identified in Autodesk 3ds Max version 2026. The flaw arises when the software parses a specially crafted DWG file, a common format for CAD drawings. The vulnerability allows an attacker to manipulate memory management within the application, leading to a Use-After-Free condition. This can cause the application to crash, potentially exposing sensitive data in memory or enabling the execution of arbitrary code with the privileges of the current user process. Exploitation requires the victim to open or process a malicious DWG file, implying user interaction is necessary. The attack vector is local (AV:L), with low attack complexity (AC:L), no privileges required (PR:N), and user interaction required (UI:R). The vulnerability affects confidentiality, integrity, and availability (all rated high impact). Although no public exploits are known at this time, the vulnerability’s nature and impact make it a significant risk for users of Autodesk 3ds Max, particularly those handling untrusted DWG files. The lack of available patches at publication suggests organizations must rely on interim mitigations until official fixes are released.
Potential Impact
For European organizations, this vulnerability poses a substantial risk to industries relying on Autodesk 3ds Max, including architecture, engineering, construction, and media production. Successful exploitation can lead to application crashes disrupting workflows, unauthorized disclosure of sensitive design data, and potential full compromise of the user’s session or system if arbitrary code execution is achieved. This could result in intellectual property theft, project delays, and reputational damage. Given the high confidentiality and integrity impact, organizations handling sensitive or proprietary designs are particularly vulnerable. The requirement for user interaction and local access somewhat limits remote exploitation but does not eliminate risk, especially in environments where DWG files are shared or downloaded from external sources. The absence of known exploits currently provides a window for proactive defense, but the high CVSS score indicates that once exploits emerge, the threat could escalate rapidly.
Mitigation Recommendations
Until Autodesk releases an official patch, European organizations should implement strict controls on DWG file handling, including restricting file sources to trusted vendors and scanning all incoming files with advanced malware detection tools. Employ application sandboxing or containerization to isolate Autodesk 3ds Max processes, limiting potential damage from exploitation. Enforce the principle of least privilege for users running 3ds Max to minimize impact if code execution occurs. Monitor application and system logs for unusual crashes or behavior indicative of exploitation attempts. Educate users about the risks of opening untrusted DWG files and implement network segmentation to reduce lateral movement in case of compromise. Once patches become available, prioritize immediate deployment across all affected systems. Additionally, consider using endpoint detection and response (EDR) solutions capable of detecting exploitation techniques related to Use-After-Free vulnerabilities.
Affected Countries
Germany, France, United Kingdom, Italy, Netherlands, Spain, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: autodesk
- Date Reserved: 2025-10-15T14:19:31.057Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6914b570be619665a23e09e0
Added to database: 11/12/2025, 4:27:28 PM
Last enriched: 11/19/2025, 4:54:32 PM
Last updated: 12/27/2025, 11:21:55 PM