CVE-2025-54193
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-12

Last updated on: 2025-08-13

Assigner: Adobe Systems Incorporated

Description
Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-12
Last Modified
2025-08-13
Generated
2026-05-07
AI Q&A
2025-08-12
EPSS Evaluated
2026-05-05
NVD
CVE-2025-54193
EUVD
EUVD-2025-24506
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
adobe substance_3d_painter to 11.0.3 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an out-of-bounds read in Substance3D - Painter versions 11.0.2 and earlier. It occurs when a user opens a malicious file, which can cause the software to read memory outside of its intended boundaries, potentially exposing sensitive information stored in memory.


How can this vulnerability impact me? :

If exploited, this vulnerability could lead to the disclosure of sensitive memory contents, which might include confidential data. However, exploitation requires user interaction, specifically opening a malicious file, and it does not affect integrity or availability.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart