CVE•Published 2017-01-25•Modified 2026-05-13•1 article on news•4 live references•NVD data
CVE-2016-9305Autodesk · Fbx_software_development_kit
Vulnerability data via NVD (ingested)
CVSS v3.1
9.8
CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS percentile
—
Weaknesses (CWE)
Description
Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers.
Timeline
Published 2017-01-25
Modified 2026-05-13
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
Shodan · vuln tag0 hosts
vuln:CVE-2016-9305Hosts Shodan has explicitly fingerprinted as vulnerable.
Shodan · product
product:"Autodesk Fbx Software Development Kit"All exposed Autodesk Fbx Software Development Kit instances — cross-reference with the CVE's affected-version range.
Shodan · banner/body mention
http.html:"Fbx Software Development Kit"HTTP body or banner mentions "Fbx Software Development Kit" — catches deploys Shodan didn't identify as a product.
More intel sources (5)
Shodan report
vuln:CVE-2016-9305Country / ASN / product breakdown for the vuln query.
Censys
vulnerabilities.cve_id: CVE-2016-9305Censys host search filtered to this CVE id.
grep.app
CVE-2016-9305Public source-code mentions — fast PoC discovery.
GitHub code
CVE-2016-9305GitHub code search for direct mentions.
Google dork
"CVE-2016-9305" exploit -site:nvd.nist.govWrite-ups and news, NVD excluded.