CVE-2025-1652: CWE-125 Out-of-Bounds Read in Autodesk AutoCAD
A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
AI Analysis
Technical Summary
CVE-2025-1652 is a high-severity vulnerability classified as CWE-125 (Out-of-Bounds Read) affecting multiple recent versions of Autodesk AutoCAD (2022 through 2025). The vulnerability arises when AutoCAD parses a specially crafted MODEL file, which can trigger an out-of-bounds read condition. This flaw allows a malicious actor to cause the application to crash, potentially leading to denial of service, or to read sensitive memory contents beyond the intended buffer boundaries. More critically, the vulnerability can be exploited to execute arbitrary code within the context of the AutoCAD process, which may lead to full system compromise depending on the privileges of the user running AutoCAD. The CVSS 3.1 base score of 7.8 reflects a high severity rating, with the vector indicating local attack vector (AV:L), low attack complexity (AC:L), no privileges required (PR:N), but requiring user interaction (UI:R). The impact on confidentiality, integrity, and availability is rated high, meaning that exploitation can lead to significant data exposure, unauthorized code execution, and service disruption. No known exploits are currently reported in the wild, and no official patches have been linked yet, although the vulnerability was reserved by Autodesk in late February 2025 and published in March 2025. Given AutoCAD's widespread use in engineering, architecture, and design sectors, this vulnerability poses a serious risk if weaponized by threat actors through social engineering or targeted attacks involving malicious MODEL files.
Potential Impact
For European organizations, the impact of CVE-2025-1652 is considerable due to the extensive use of Autodesk AutoCAD in critical infrastructure design, manufacturing, construction, and engineering industries across the continent. Exploitation could lead to unauthorized disclosure of sensitive design data, intellectual property theft, and disruption of business operations. The ability to execute arbitrary code elevates the risk to full system compromise, potentially enabling lateral movement within corporate networks or deployment of ransomware. This is particularly concerning for organizations involved in sectors such as automotive, aerospace, energy, and public infrastructure, which are prevalent in Europe and often targeted by advanced persistent threat (APT) groups. The requirement for local access and user interaction suggests that phishing campaigns or insider threats could be vectors for exploitation. The absence of patches at the time of disclosure increases the window of exposure, necessitating immediate risk mitigation. Additionally, the high confidentiality impact could have regulatory implications under GDPR if personal or sensitive data is exposed during exploitation.
Mitigation Recommendations
To mitigate CVE-2025-1652, European organizations should implement a multi-layered approach beyond generic patching advice. First, restrict AutoCAD usage to trusted users and environments, employing application whitelisting and least privilege principles to limit the potential damage of exploitation. Implement strict controls on file sources by enforcing policies that only allow MODEL files from verified and trusted origins, combined with user training to recognize and avoid opening suspicious files. Employ endpoint detection and response (EDR) solutions capable of monitoring for anomalous AutoCAD behaviors, such as unexpected memory access patterns or crashes. Network segmentation should isolate systems running AutoCAD from critical infrastructure to contain potential breaches. Until official patches are released, consider deploying virtualized or sandboxed environments for opening untrusted MODEL files to prevent host compromise. Regularly monitor threat intelligence feeds for exploit developments and apply patches promptly once available. Additionally, conduct internal audits to identify all AutoCAD installations and ensure they are updated to the latest supported versions. Finally, enhance email security controls to reduce the risk of phishing attacks delivering malicious MODEL files.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Sweden, Poland, Belgium, Austria
Technical Details
- Data Version: 5.1
- Assigner Short Name: autodesk
- Date Reserved: 2025-02-24T19:20:23.915Z
- Cisa Enriched: true
Threat ID: 682d983fc4522896dcbf0804
Added to database: 5/21/2025, 9:09:19 AM
Last enriched: 8/20/2025, 12:42:33 AM
Last updated: 9/26/2025, 2:25:19 PM