CVE-2025-11797 is a Use-After-Free vulnerability (CWE-416) identified in Autodesk 3ds Max 2026, a widely used 3D modeling and rendering software. The vulnerability arises when the software parses a specially crafted DWG file, a common CAD file format. The flaw allows a malicious actor to manipulate memory management such that previously freed memory is accessed, leading to undefined behavior. This can cause the application to crash, leak sensitive information from memory, or enable execution of arbitrary code with the privileges of the current user running 3ds Max. The CVSS 3.1 score of 7.8 reflects high severity, with attack vector local (AV:L), low attack complexity (AC:L), no privileges required (PR:N), but user interaction needed (UI:R). The scope is unchanged (S:U), and the impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H). No patches have been published yet, and no exploits are known in the wild, but the vulnerability poses a significant risk given the software's use in professional environments. The vulnerability was reserved in mid-October 2025 and published in November 2025. The lack of authentication requirements and the potential for arbitrary code execution make this a critical concern for users of the affected version.

The exploitation of CVE-2025-11797 can have severe consequences for organizations relying on Autodesk 3ds Max 2026. Successful exploitation can lead to denial of service via application crashes, potentially disrupting workflows and causing productivity losses. More critically, attackers can execute arbitrary code, which may allow them to install malware, move laterally within networks, or exfiltrate sensitive intellectual property such as proprietary 3D models and design data. The confidentiality breach risk is high, as sensitive project data could be read from memory. The integrity of design files and software processes can be compromised, undermining trust in the output. Given the software’s use in industries like media production, architecture, and engineering, the impact extends to intellectual property theft and operational disruption. The requirement for user interaction limits remote exploitation but does not eliminate risk, especially in environments where files are shared frequently. The absence of known exploits currently provides a window for mitigation, but the potential for rapid weaponization exists.

Until an official patch is released by Autodesk, organizations should implement several targeted mitigations. First, restrict the opening of DWG files from untrusted or unknown sources within 3ds Max 2026 environments. Employ file scanning and sandboxing solutions to analyze DWG files before use. Educate users about the risks of opening unsolicited or suspicious files and enforce strict policies on file sharing. Consider running 3ds Max in a least-privilege environment or within virtual machines to contain potential exploitation. Monitor application behavior for crashes or anomalies that could indicate exploitation attempts. Network segmentation can limit lateral movement if compromise occurs. Once Autodesk releases a patch, prioritize its deployment across all affected systems. Additionally, maintain up-to-date endpoint detection and response (EDR) tools capable of detecting exploitation attempts related to use-after-free vulnerabilities. Regularly review Autodesk security advisories for updates on this CVE.