CVE-2025-2497: CWE-122 Heap-Based Buffer Overflow in Autodesk Revit
A maliciously crafted DWG file, when parsed through Autodesk Revit, can cause a Stack-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
AI Analysis
Technical Summary
CVE-2025-2497 is a heap-based buffer overflow vulnerability classified under CWE-122, affecting Autodesk Revit versions 2024 and 2025. The vulnerability is triggered when Revit parses a maliciously crafted DWG file, a common file format used for CAD drawings. Due to improper bounds checking during the parsing process, an attacker can overflow a heap buffer, corrupting memory and enabling arbitrary code execution within the context of the Revit process. This can lead to full compromise of the application, allowing an attacker to execute code with the privileges of the user running Revit. The vulnerability requires user interaction, specifically opening or importing a malicious DWG file, and does not require prior authentication or elevated privileges. The CVSS v3.1 score is 7.8, reflecting high severity with high impact on confidentiality, integrity, and availability. No patches were available at the time of reporting, and no known exploits have been observed in the wild. The vulnerability was reserved in March 2025 and published in April 2025. Autodesk Revit is widely used in architecture, engineering, and construction industries, making this vulnerability particularly concerning for organizations relying on these workflows.
Potential Impact
The exploitation of CVE-2025-2497 can lead to arbitrary code execution, allowing attackers to compromise the confidentiality, integrity, and availability of systems running Autodesk Revit. This could result in theft or manipulation of sensitive architectural and engineering designs, disruption of project workflows, and potential lateral movement within corporate networks if attackers leverage the compromised host as a foothold. Given Revit's role in critical infrastructure design and construction projects, successful exploitation could have cascading effects on project timelines and security of physical infrastructure. The requirement for user interaction limits automated exploitation but does not eliminate risk, especially in environments where users frequently exchange DWG files. The lack of known exploits in the wild currently reduces immediate risk but the high severity and public disclosure increase the likelihood of future exploitation attempts. Organizations using affected Revit versions without mitigations are at significant risk.
Mitigation Recommendations
1. Apply security patches from Autodesk immediately once they become available to address the vulnerability.
2. Until patches are released, restrict the opening or importing of DWG files from untrusted or unknown sources.
3. Implement application whitelisting and sandboxing techniques to limit the impact of potential code execution within Revit.
4. Employ endpoint detection and response (EDR) solutions to monitor for anomalous behaviors indicative of exploitation attempts.
5. Educate users about the risks of opening unsolicited or suspicious DWG files and enforce strict file handling policies.
6. Use network segmentation to isolate systems running Revit from critical infrastructure and sensitive data repositories.
7. Regularly back up project files and maintain version control to recover from potential data corruption or ransomware attacks stemming from exploitation.
Affected Countries
United States, Canada, United Kingdom, Germany, Australia, Japan, South Korea, France, Italy, Netherlands
Technical Details
- Data Version: 5.1
- Assigner Short Name: autodesk
- Date Reserved: 2025-03-18T13:00:16.699Z
- CISA Enriched: true
Threat ID: 682d9840c4522896dcbf0ec1
Added to database: 5/21/2025, 9:09:20 AM
Last enriched: 2/26/2026, 9:08:46 PM
Last updated: 3/24/2026, 10:11:12 AM