CVE-2025-6636: CWE-416 Use After Free in Autodesk Shared Components
A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
AI Analysis
Technical Summary
CVE-2025-6636 is a Use-After-Free (CWE-416) vulnerability identified in Autodesk Shared Components, specifically affecting version 2026.2. The vulnerability arises when a maliciously crafted PRT file is parsed by Autodesk products utilizing these shared components. A Use-After-Free flaw occurs when a program continues to use memory after it has been freed, leading to undefined behavior. In this case, the flaw can be exploited to cause a denial of service (application crash), unauthorized disclosure of sensitive data, or arbitrary code execution within the context of the affected process. The attack vector requires the victim to open or process a specially crafted PRT file, implying user interaction is necessary. No privileges or authentication are required to trigger the vulnerability, increasing its risk profile. The vulnerability has a CVSS 3.1 base score of 7.8, reflecting high severity with impacts on confidentiality, integrity, and availability. Although no known exploits have been reported in the wild as of the publication date, the potential for exploitation exists, especially in targeted attacks. The vulnerability affects Autodesk Shared Components, which are widely used across Autodesk’s CAD and design software suites, making the attack surface broad within organizations relying on these tools for engineering, manufacturing, and design workflows.
Potential Impact
The impact of CVE-2025-6636 is significant for organizations using Autodesk products that parse PRT files. Successful exploitation can lead to application crashes, disrupting engineering and design workflows and causing productivity loss. More critically, arbitrary code execution can allow attackers to execute malicious payloads with the same privileges as the affected application, potentially leading to system compromise, lateral movement, or data exfiltration. Confidential design data, intellectual property, and sensitive project information could be exposed or manipulated, impacting confidentiality and integrity. Given the widespread use of Autodesk software in industries such as manufacturing, automotive, aerospace, and construction, the vulnerability poses a risk to critical infrastructure and intellectual property protection worldwide. The requirement for user interaction limits mass exploitation but does not eliminate targeted attacks, especially spear-phishing campaigns delivering malicious PRT files. The absence of known exploits currently provides a window for mitigation before active exploitation occurs.
Mitigation Recommendations
Organizations should implement the following specific mitigations:
1) Monitor Autodesk’s official channels for patches addressing CVE-2025-6636 and apply updates promptly once available.
2) Until patches are released, restrict or disable the processing of untrusted or unsolicited PRT files, especially from external or unknown sources.
3) Employ file integrity and content inspection tools to detect and block malformed or suspicious PRT files.
4) Use application sandboxing or containerization to limit the impact of potential exploitation by isolating Autodesk applications from critical system resources.
5) Educate users on the risks of opening files from untrusted sources and implement strict email filtering to reduce the likelihood of malicious file delivery.
6) Review and enforce least privilege principles for users running Autodesk software to minimize the potential damage from exploitation.
7) Implement endpoint detection and response (EDR) solutions to identify anomalous behaviors indicative of exploitation attempts.
These measures, combined with timely patching, will reduce the risk and impact of this vulnerability.
Affected Countries
United States, Germany, Japan, South Korea, United Kingdom, France, Canada, China, India, Australia
Technical Details
- Data Version: 5.1
- Assigner Short Name: autodesk
- Date Reserved: 2025-06-25T13:44:27.794Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68890cc5ad5a09ad008f5d20
Added to database: 7/29/2025, 6:02:45 PM
Last enriched: 2/27/2026, 4:13:09 AM
Last updated: 3/26/2026, 8:52:56 AM