CVE-2026-0662 | THREATINT

Description

A maliciously crafted project directory, when opening a max file in Autodesk 3ds Max, could lead to execution of arbitrary code in the context of the current process due to an Untrusted Search Path being utilized.

PUBLISHED Reserved 2026-01-06 | Published 2026-02-04 | Updated 2026-02-06 | Assigner autodesk

HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Problem types

CWE-426 Untrusted Search Path

Product status

Default status

unaffected

2026 (custom) before 2026.3.2

affected

References

www.autodesk.com/products/autodesk-access/overview patch

www.autodesk.com/trust/security-advisories/adsk-sa-2026-0002 vendor-advisory

cve.org (CVE-2026-0662)

nvd.nist.gov (CVE-2026-0662)

Download JSON