CVE-2025-54190
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-12

Last updated on: 2025-08-13

Assigner: Adobe Systems Incorporated

Description
Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-12
Last Modified
2025-08-13
Generated
2026-05-07
AI Q&A
2025-08-12
EPSS Evaluated
2026-05-05
NVD
CVE-2025-54190
EUVD
EUVD-2025-24509
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
adobe substance_3d_painter to 11.0.3 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an out-of-bounds read in Substance3D - Painter versions 11.0.2 and earlier. It occurs when a user opens a malicious file, which can cause the software to read memory outside of its intended bounds, potentially disclosing sensitive information from memory.


How can this vulnerability impact me? :

The vulnerability can lead to disclosure of sensitive memory, which means an attacker could gain access to confidential information stored in the application's memory. Exploitation requires user interaction, specifically opening a malicious file, so the impact depends on a user being tricked into doing so.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart