Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Local attack vector with low-privilege requirement confirmed by description; heap overflow yields limited CIA impact with no scope change to other systems.
Primary rating from Vendor (VulDB).
CVSS VectorVendor: VulDB
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A security vulnerability has been detected in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function Assimp::SceneCombiner::Copy of the file code/Common/SceneCombiner.cpp of the component Model File Handler. Such manipulation of the argument width/height leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. This and similar defects are tracked and handled via issue #6128.
AnalysisAI
Heap-based buffer overflow in Open Asset Import Library (Assimp) versions up to 5.4.3 allows a local attacker with low privileges to corrupt heap memory by supplying a crafted 3D model file with manipulated width or height values to the SceneCombiner::Copy function in code/Common/SceneCombiner.cpp. A public proof-of-concept exploit has been disclosed via GitHub issue #6079, elevating real-world risk despite the local-only attack vector. No confirmed patched release has been independently verified at time of analysis, and exploitation conditions require only low-privilege local access with no user interaction beyond loading the malicious file.
Technical ContextAI
Assimp (Open Asset Import Library) is a C++ library widely used in game engines, 3D editors, and visualization tools to import and process 3D model files across dozens of formats. The vulnerability resides in the SceneCombiner component (code/Common/SceneCombiner.cpp), specifically the Assimp::SceneCombiner::Copy function, which is responsible for merging or duplicating scene graphs during model processing. CWE-122 (Heap-based Buffer Overflow) indicates that the function writes beyond the bounds of a heap-allocated buffer when processing width or height fields from a crafted model file - classic insufficient bounds validation on user-supplied dimensional metadata. The affected CPE is cpe:2.3:a:open_asset_import_library:assimp:*:*:*:*:*:*:*:*, confirming all product editions through version 5.4.3 are affected. The CVSS 4.0 E:P modifier in the vector confirms an active proof-of-concept is available.
RemediationAI
No vendor-released patched version has been independently confirmed at time of analysis. The defect is tracked upstream via Assimp GitHub issue #6128, and the public proof-of-concept is documented in issue #6079 (https://github.com/assimp/assimp/issues/6079); monitor these threads for an official fix release and upgrade immediately once a patched version is tagged. In the interim, the most effective compensating control is to prevent Assimp-based applications from processing untrusted or user-supplied 3D model files - disable or gate any file-upload or file-load functionality that passes external content to the library. If Assimp is used in a content pipeline, restrict model ingestion to files sourced exclusively from trusted internal systems and apply format allowlisting to reduce the attack surface. Running Assimp-consuming processes in a sandboxed or low-privilege container (e.g., seccomp-restricted, read-only filesystem where possible) limits the blast radius of successful heap exploitation. Note that sandboxing does not prevent the overflow but constrains post-exploitation lateral movement.
An issue in assimp v.5.4.3 allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function wi
Open Asset Import Library (assimp) commit 3c253ca was discovered to contain a segmentation violation via the component A
A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. Rated medium
A segmentation fault (SEGV) was detected in the SortByPTypeProcess::Execute function in the Assimp library during fuzz t
A segmentation fault (SEGV) was detected in the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode function within the
A heap-buffer-overflow vulnerability has been identified in the OpenDDLParser::parseStructure function within the Assimp
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. Rated medium severity (CV
A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic.h of the component CSM
A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. Rated medium severity (
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3.cpp. Rated m
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. Rated medium severity (CVSS
A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. Rated medium severity (
Same weakness CWE-122 – Heap-based Buffer Overflow
View allSame technique Heap Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-210394
GHSA-5hv8-2h72-hc2x