CVE-2026-0659 Overview
CVE-2026-0659 is an out-of-bounds write vulnerability [CWE-787] affecting Autodesk Arnold and Autodesk 3ds Max. The flaw triggers when a user loads or imports a maliciously crafted Universal Scene Description (USD) file. An attacker who convinces a user to open a weaponized USD file can execute arbitrary code in the context of the current process. The vulnerability requires local access and user interaction, but no privileges or authentication. Autodesk published Security Advisory ADSK-SA-2026-0003 to address the issue.
Critical Impact
Arbitrary code execution in the context of the Autodesk Arnold or 3ds Max process when a malicious USD file is opened, leading to full compromise of confidentiality, integrity, and availability on the user's workstation.
Affected Products
- Autodesk Arnold
- Autodesk 3ds Max
- Autodesk arnold-usd component for USD file processing
Discovery Timeline
- 2026-02-04 - CVE-2026-0659 published to NVD
- 2026-04-15 - Last updated in NVD database
Technical Details for CVE-2026-0659
Vulnerability Analysis
The vulnerability is an out-of-bounds write [CWE-787] in the USD file parser used by Autodesk Arnold and Autodesk 3ds Max. USD is a scene description framework widely used in 3D content production pipelines, and Autodesk integrates USD support through the open-source arnold-usd component. When the parser processes specific malformed structures within a USD file, it writes data past the boundary of an allocated buffer. This memory corruption can be steered by an attacker to overwrite adjacent control data, including function pointers or return addresses. The result is arbitrary code execution within the host application process.
Root Cause
The root cause is missing or insufficient bounds validation when the parser deserializes attacker-controlled fields from a USD file. The parser trusts size or index values embedded in the file and uses them to compute write destinations without verifying them against the allocated buffer length. Out-of-bounds write conditions in C++ media and asset parsers commonly stem from integer arithmetic on untrusted length fields, malformed array indices, or unchecked offsets passed to memory copy routines.
Attack Vector
Exploitation requires the victim to open or import a crafted USD file in Autodesk Arnold or 3ds Max. Delivery channels include shared production assets, asset marketplaces, email attachments, and compromised content pipelines. The attacker does not need credentials on the target system. Code executes with the same privileges as the user running the Autodesk application, which in creative workstation environments often includes broad access to project files, network shares, and licensing infrastructure. No verified public proof-of-concept code is available at the time of writing. For technical details, refer to the Autodesk Security Advisory ADSK-SA-2026-0003 and the arnold-usd GitHub repository.
Detection Methods for CVE-2026-0659
Indicators of Compromise
- Unexpected child processes spawned by 3dsmax.exe, kick.exe, or other Arnold renderer executables, particularly shells, scripting hosts, or rundll32.exe.
- USD files (.usd, .usda, .usdc, .usdz) arriving from untrusted sources or staged outside of standard asset library paths.
- Crash dumps or Windows Error Reporting events referencing access violations in the Arnold or USD parsing modules.
Detection Strategies
- Hunt for process lineage where Autodesk 3ds Max or Arnold processes launch command interpreters, PowerShell, or network utilities.
- Inspect file write and module load events for Autodesk processes loading unsigned DLLs or writing executables to user-writable directories.
- Correlate USD file open events from recent-files telemetry with subsequent suspicious process or network activity on the same host.
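The three hunts above, as added example code (not from Autodesk, the advisory, or the arnold-usd project): it flags process-creation events where 3dsmax.exe or kick.exe spawns a command interpreter or script host, then ties each hit back to a USD file opened on the same host shortly before it. The event field names, the suspicious-child list and the ten-minute window are assumptions, and the telemetry is constructed.

```python
from datetime import datetime, timedelta

# Autodesk host processes named on this page; matched by image file name
AUTODESK_PARENTS = {"3dsmax.exe", "kick.exe"}
# Interpreters and LOLBins a renderer has no business spawning (assumed list)
SUSPICIOUS_CHILDREN = {"cmd.exe", "powershell.exe", "pwsh.exe", "wscript.exe",
                       "cscript.exe", "rundll32.exe", "mshta.exe"}
USD_EXTENSIONS = (".usd", ".usda", ".usdc", ".usdz")
CORRELATION_WINDOW = timedelta(minutes=10)  # assumed tuning value

def image_name(path):
    """Normalise a Windows image path to its lower-case file name."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()

def suspicious_lineage(events):
    """Process-creation events where an Autodesk process launched a shell/script host."""
    return [e for e in events if e["type"] == "process_create"
            and image_name(e["parent_image"]) in AUTODESK_PARENTS
            and image_name(e["image"]) in SUSPICIOUS_CHILDREN]

def correlate_usd_opens(events, window=CORRELATION_WINDOW):
    """Pair each suspicious child with a USD file opened on the same host just before it."""
    opens = [e for e in events if e["type"] == "file_open"
             and e["path"].lower().endswith(USD_EXTENSIONS)]
    findings = []
    for hit in suspicious_lineage(events):
        for o in opens:
            delay = hit["time"] - o["time"]
            if o["host"] == hit["host"] and timedelta(0) <= delay <= window:
                findings.append({"host": hit["host"], "usd_file": o["path"],
                                 "child": image_name(hit["image"]),
                                 "delay_s": delay.total_seconds()})
    return findings

# Constructed sample telemetry (field names are assumptions, not a vendor schema)
T0 = datetime(2026, 2, 5, 9, 0, 0)
MAX_EXE = r"C:\Program Files\Autodesk\3ds Max 2026\3dsmax.exe"
SAMPLE_EVENTS = [
    {"type": "file_open", "host": "ws-art-07", "time": T0, "path": r"C:\Users\artist\Downloads\scene_v2.usdz"},
    {"type": "process_create", "host": "ws-art-07", "time": T0 + timedelta(seconds=42),
     "parent_image": MAX_EXE, "image": r"C:\Windows\System32\rundll32.exe"},  # suspicious
    {"type": "process_create", "host": "ws-art-07", "time": T0 + timedelta(minutes=3),
     "parent_image": MAX_EXE, "image": r"C:\Program Files\Autodesk\Arnold\bin\kick.exe"},  # benign render
    {"type": "process_create", "host": "ws-art-12", "time": T0 + timedelta(minutes=1),
     "parent_image": r"C:\Windows\explorer.exe", "image": r"C:\Windows\System32\cmd.exe"},  # benign
]

if __name__ == "__main__":
    for finding in correlate_usd_opens(SAMPLE_EVENTS):
        print(finding)
```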
Monitoring Recommendations
- Enable application crash telemetry for Autodesk products and forward events to a centralized log platform for analysis.
- Monitor egress connections from creative workstations to non-corporate destinations following USD imports.
- Track introduction of USD assets into production pipelines and validate their provenance against approved sources.
How to Mitigate CVE-2026-0659
Immediate Actions Required
- Apply the fixed versions of Autodesk Arnold and 3ds Max as identified in Autodesk Security Advisory ADSK-SA-2026-0003.
- Inventory all hosts running Arnold or 3ds Max and prioritize patching for workstations that process externally sourced USD assets.
- Instruct artists and pipeline engineers to avoid opening USD files received from unverified senders or untrusted asset stores until patches are deployed.
Patch Information
Autodesk has issued fixed builds for the affected products through Security Advisory ADSK-SA-2026-0003. Customers should consult the advisory and deploy the listed updates via Autodesk Access or their enterprise software distribution mechanism. The upstream fix is tracked in the Autodesk arnold-usd project.
Workarounds
- Restrict USD file ingestion to a vetted asset pipeline and reject files originating from outside approved sources.
- Run Autodesk applications under standard user accounts without administrative privileges to limit post-exploitation impact.
- Use application allowlisting and process-lineage rules to block child process creation from Autodesk binaries where business workflows allow.
# Example: enumerate USD files introduced to a workstation in the last 7 days
Get-ChildItem -Path C:\Users -Recurse -Include *.usd,*.usda,*.usdc,*.usdz -ErrorAction SilentlyContinue |
Where-Object { $_.LastWriteTime -gt (Get-Date).AddDays(-7) } |
Select-Object FullName, LastWriteTime, Length
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.