Skip to content
Threat Feed
high advisory

CVE-2026-7451 - Autodesk 3ds Max Out-of-Bounds Write Vulnerability via Malicious TIF File

CVE-2026-7451 is an out-of-bounds write vulnerability in Autodesk 3ds Max that can be exploited via a maliciously crafted TIF file, potentially leading to a crash, data corruption, or arbitrary code execution.

CVE-2026-7451 is an out-of-bounds write vulnerability affecting Autodesk 3ds Max. The vulnerability arises when the software parses a maliciously crafted TIF file. Successful exploitation could lead to a crash, data corruption, or even arbitrary code execution within the context of the current process. This vulnerability poses a significant risk to users who process untrusted TIF files with Autodesk 3ds Max. An attacker could potentially leverage this vulnerability to compromise a system by enticing a user to open a malicious TIF file.

Attack Chain

  1. Attacker crafts a malicious TIF file designed to trigger the out-of-bounds write.
  2. Attacker delivers the malicious TIF file to a target user (e.g., via email, shared drive, or website).
  3. The user opens the malicious TIF file using Autodesk 3ds Max.
  4. Autodesk 3ds Max parses the TIF file, triggering the out-of-bounds write vulnerability due to the malicious content.
  5. The out-of-bounds write corrupts memory within the 3ds Max process.
  6. The memory corruption leads to a crash, data corruption, or enables arbitrary code execution.
  7. If arbitrary code execution is achieved, the attacker can gain control of the affected system.
  8. The attacker can then perform malicious activities such as installing malware, stealing data, or further compromising the network.

Impact

Successful exploitation of CVE-2026-7451 can lead to several negative consequences. A crash can cause loss of unsaved work and disrupt productivity. Data corruption can result in loss of valuable assets and require costly recovery efforts. Arbitrary code execution allows an attacker to gain complete control over the affected system, leading to data theft, malware installation, or further network compromise. Given the potential for arbitrary code execution, this vulnerability is considered high severity.

Recommendation

  • Apply the security update provided by Autodesk to patch CVE-2026-7451 in Autodesk 3ds Max.
  • Educate users about the risks of opening files from untrusted sources to prevent social engineering attacks.
  • Monitor for unexpected crashes or unusual behavior in Autodesk 3ds Max processes that could indicate exploitation attempts.
  • Deploy the Sigma rule to detect suspicious process creation events related to 3ds Max after loading potentially malicious files.

Detection coverage 2

Detects CVE-2026-7451 Exploitation — 3ds Max Crash After TIF Load

medium

Detects CVE-2026-7451 exploitation — Monitors for 3ds Max crashes shortly after loading a TIF file, which may indicate an out-of-bounds write vulnerability exploitation attempt.

sigma tactics: impact techniques: T1499.004 sources: application, windows

Detects CVE-2026-7451 Attempt — 3ds Max Loading TIF from Suspicious Location

low

Detects CVE-2026-7451 attempt — Monitors for 3ds Max loading TIF files from unusual or temporary locations, which might suggest a malicious file being processed.

sigma tactics: initial_access techniques: T1566.001 sources: process_creation, windows

Detection queries are available on the platform. Get full rules →