CVE-2025-54199
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-12

Last updated on: 2025-08-13

Assigner: Adobe Systems Incorporated

Description
Substance3D - Modeler versions 1.22.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-12
Last Modified
2025-08-13
Generated
2026-05-07
AI Q&A
2025-08-12
EPSS Evaluated
2026-05-05
NVD
CVE-2025-54199
EUVD
EUVD-2025-24518
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
adobe substance_3d_modeler to 1.22.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-125 The product reads data past the end, or before the beginning, of the intended buffer.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an out-of-bounds read in Substance3D - Modeler versions 1.22.0 and earlier. It occurs when a user opens a malicious file, which can cause the software to read memory outside the intended boundaries, potentially disclosing sensitive information.


How can this vulnerability impact me? :

The vulnerability can lead to disclosure of sensitive memory, which may expose confidential information. Exploitation requires user interaction by opening a malicious file, so the impact depends on a user being tricked into opening such a file.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, avoid opening files from untrusted or unknown sources, as exploitation requires user interaction by opening a malicious file. Additionally, update Substance3D - Modeler to a version later than 1.22.0 once available.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart