CVE-2025-54258 is a Use After Free (CWE-416) vulnerability identified in Adobe Substance3D - Modeler versions 1.22.2 and earlier. This vulnerability arises when the software improperly manages memory, specifically by accessing memory after it has been freed. Such a flaw can lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction, specifically the victim opening a maliciously crafted file designed to trigger the vulnerability. The scope of the vulnerability is unchanged, meaning the impact is limited to the privileges of the current user and does not extend to other system components or users. The CVSS v3.1 base score is 7.8, indicating a high severity level. The vector details (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) show that the attack requires local access (local vector), low attack complexity, no privileges required, but user interaction is necessary. Successful exploitation can lead to full compromise of confidentiality, integrity, and availability within the user context. No known exploits are currently reported in the wild, and no official patches have been linked yet. The vulnerability was reserved in July 2025 and published in September 2025, indicating it is a recent discovery.

For European organizations, the impact of this vulnerability can be significant, especially for those using Adobe Substance3D - Modeler in creative, design, or digital content production workflows. Successful exploitation could allow attackers to execute arbitrary code, potentially leading to data theft, unauthorized access to sensitive design assets, or disruption of production environments. Since the vulnerability requires user interaction, phishing or social engineering campaigns could be used to deliver malicious files. This risk is heightened in organizations with less mature security awareness or insufficient endpoint protection. The compromise of design files or intellectual property could have financial and reputational consequences, particularly for industries such as media, advertising, gaming, and manufacturing. Additionally, if the compromised user has access to broader network resources, lateral movement and further escalation could occur. The lack of a patch at the time of disclosure increases the window of exposure.

European organizations should implement targeted mitigations beyond generic advice: 1) Restrict and monitor the use of Adobe Substance3D - Modeler to only trusted users and environments. 2) Employ application whitelisting and sandboxing to limit the impact of potential code execution. 3) Educate users on the risks of opening files from untrusted sources, emphasizing the specific threat of malicious Substance3D files. 4) Use endpoint detection and response (EDR) tools to detect anomalous behaviors indicative of exploitation attempts. 5) Monitor network traffic for unusual activity originating from workstations running Substance3D - Modeler. 6) Coordinate with Adobe for timely patch deployment once available and consider temporary disabling of the software if risk is unacceptable. 7) Implement strict file scanning policies on email gateways and file shares to detect and block malicious files targeting this vulnerability.