What happened
A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerability in the MCP extension that allows arbitrary code execution with the privileges of the current user. The CVSS score is 9.6 (Critical). The CVE was published on 2026-06-22.
Why it matters
Autodesk Fusion is widely used by engineers and designers in AI-augmented CAD/manufacturing workflows. The MCP extension makes Fusion a tool-callable surface for LLM agents. A single malicious webpage visit — with no other interaction — can achieve full RCE at the user's privilege level, potentially compromising the developer's local environment, credentials, and any connected AI agent workflows.
Attack vector
Drive-by: victim visits an attacker-controlled webpage while Autodesk Fusion with the MCP extension is running. No additional user interaction required.
Affected systems
Autodesk Fusion Desktop with MCP extension enabled
Mitigation
Apply Autodesk Fusion updates as released. Disable the MCP extension if not required. Monitor Autodesk security advisories. CVE reference: https://www.cve.org/CVERecord?id=CVE-2026-10789