CVE-2024-30375 is a use-after-free vulnerability (CWE-416) identified in Luxion KeyShot Viewer version 2023.3_12.2.1.2. The vulnerability exists in the KSP file parsing component, where the software fails to verify the existence of an object before performing operations on it, leading to a use-after-free condition. This memory corruption flaw can be triggered remotely when a user opens a maliciously crafted KSP file or visits a malicious webpage that causes the viewer to process such a file. Exploitation allows an attacker to execute arbitrary code within the context of the current process, potentially leading to full system compromise depending on the privileges of the user running the application. The vulnerability requires user interaction (UI:R) but no prior authentication (PR:N), and the attack vector is local (AV:L), meaning the attacker must deliver the malicious file or lure the user to a malicious site. The CVSS v3.0 base score is 7.8, indicating a high severity level with high impact on confidentiality, integrity, and availability. No public exploits are known at this time, but the flaw was responsibly disclosed and tracked as ZDI-CAN-22515. The lack of patch links suggests that a fix may be pending or recently released. Given KeyShot Viewer's use in 3D rendering and visualization workflows, this vulnerability poses a significant risk to organizations relying on this software for design and presentation.

The impact of CVE-2024-30375 is substantial for organizations using Luxion KeyShot Viewer, particularly in industries such as product design, manufacturing, automotive, and media where 3D visualization is critical. Successful exploitation can lead to arbitrary code execution, allowing attackers to install malware, steal intellectual property, or disrupt operations. Since the vulnerability affects the confidentiality, integrity, and availability of systems, it can result in data breaches, loss of sensitive design files, and operational downtime. The requirement for user interaction means social engineering or phishing campaigns could be used to deliver malicious KSP files. Organizations with lax file handling policies or insufficient user awareness are at greater risk. Additionally, compromised systems could serve as footholds for lateral movement within corporate networks, amplifying the threat. Although no exploits are currently known in the wild, the high CVSS score and the nature of the vulnerability warrant urgent attention to prevent potential future attacks.

1. Apply patches or updates from Luxion as soon as they become available to address this vulnerability. 2. Until patches are released, restrict the opening of KSP files from untrusted or unknown sources by implementing strict file validation and sandboxing measures. 3. Educate users about the risks of opening files from unverified origins and train them to recognize phishing attempts that may deliver malicious KSP files. 4. Employ endpoint protection solutions capable of detecting anomalous behavior related to memory corruption or code execution attempts within KeyShot Viewer. 5. Use application whitelisting to limit execution of unauthorized code and monitor KeyShot Viewer processes for unusual activity. 6. Implement network segmentation to contain potential compromises and limit lateral movement if exploitation occurs. 7. Regularly back up critical design and project files to enable recovery in case of compromise. 8. Monitor threat intelligence feeds for any emerging exploits targeting this vulnerability to respond promptly.