Severity by source
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Lifecycle Timeline
3DescriptionCVE.org
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Analysis
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Technical ContextAI
An out-of-bounds memory access occurs when code reads from or writes to memory locations outside the intended buffer boundaries. This vulnerability is classified as Out-of-bounds Read (CWE-125).
RemediationAI
Implement proper bounds checking on all array and buffer accesses. Use memory-safe languages or static analysis tools to detect OOB issues.
More in Substance 3d Designer
View allSubstance3D - Designer versions 14.0.2 and earlier are affected by an out-of-bounds write vulnerability that could resul
Arbitrary code execution in Substance 3D Designer 15.0.3 and earlier results from an out-of-bounds write vulnerability t
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result
Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result
Arbitrary code execution in Substance 3D Designer 15.1.0 and earlier via an out-of-bounds write vulnerability that trigg
Arbitrary code execution in Substance 3D Designer 15.1.0 and earlier through an out-of-bounds write vulnerability that r
Substance3D - Designer versions 13.1.2 and earlier are affected by an out-of-bounds write vulnerability that could resul
Substance3D - Designer versions 13.1.0 and earlier are affected by an out-of-bounds read vulnerability when parsing a cr
Adobe Substance 3D Designer versions 13.0.0 (and earlier) and 13.1.0 (and earlier) are affected by an out-of-bounds writ
Adobe Substance 3D Designer version 12.4.1 (and earlier) is affected by an Access of Uninitialized Pointer vulnerability
Adobe Substance 3D Designer version 12.4.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that
Same weakness CWE-125 – Out-of-bounds Read
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-20669