CVE-2025-54260: Out-of-bounds Read (CWE-125) in Adobe Substance3D - Modeler
Substance3D - Modeler versions 1.22.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is unchanged.
CVE-2025-54260: Out-of-bounds Read (CWE-125) in Adobe Substance3D - Modeler
Description
Substance3D - Modeler versions 1.22.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is unchanged.
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- adobe
- Date Reserved
- 2025-07-17T21:15:02.462Z
- Cvss Version
- 3.1
- State
- PUBLISHED
Threat ID: 68c0a1239ed239a66bad10b4
Added to database: 9/9/2025, 9:50:27 PM
Last updated: 9/9/2025, 9:50:27 PM
Views: 1
Related Threats
CVE-2025-10171: Buffer Overflow in UTT 1250GW
HighCVE-2025-54259: Integer Overflow or Wraparound (CWE-190) in Adobe Substance3D - Modeler
HighCVE-2025-54258: Use After Free (CWE-416) in Adobe Substance3D - Modeler
HighCVE-2025-49461: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in Zoom Communications, Inc Zoom Workplace Clients
MediumCVE-2025-49460: CWE-400 Uncontrolled Resource Consumption in Zoom Communications, Inc Zoom Workplace Clients
MediumActions
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.