CVE-2025-43581

| EUVD-2025-17719 HIGH
2025-06-10 [email protected]
7.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 14, 2026 - 19:49 vuln.today
EUVD ID Assigned
Mar 14, 2026 - 19:49 euvd
EUVD-2025-17719
CVE Published
Jun 10, 2025 - 18:15 nvd
HIGH 7.8

Tags

Buffer Overflow RCE Substance 3d Sampler

Description

Substance3D - Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Analysis

CVE-2025-43581 is an out-of-bounds write vulnerability in Adobe Substance3D - Sampler (versions 5.0 and earlier) that enables arbitrary code execution within the current user's security context. The vulnerability requires user interaction-specifically opening a malicious file-making it a file-based attack vector. With a CVSS score of 7.8 and high impact ratings for confidentiality, integrity, and availability, this represents a significant local privilege escalation risk for affected users, though exploitation requires social engineering or file delivery mechanisms.

Technical Context

Out-of-bounds write vulnerabilities (CWE-787) occur when software writes data to memory addresses outside the bounds of allocated buffers, corrupting adjacent memory structures and potentially enabling arbitrary code execution. In the context of Substance3D - Sampler, a 3D content creation and sampling tool by Adobe, this vulnerability likely manifests during the parsing or processing of malicious project files, texture files, or sampler configuration files. The affected CPE would be 'cpe:2.3:a:adobe:substance3d_sampler:*:*:*:*:*:*:*:*' with version constraint <=5.0. The vulnerability sits at the file parsing layer, where insufficient bounds checking on user-supplied data (from a malicious file) allows an attacker to overwrite critical heap or stack memory, redirect execution flow, or corrupt function pointers to achieve code execution.

Affected Products

Substance3D - Sampler (5.0 and earlier)

Remediation

Patching: Upgrade Substance3D - Sampler to version 5.1 or later when Adobe releases a patched version. Check Adobe Security Bulletins and the Substance3D product page for official patch releases.; priority: Critical Workaround: Until patching is available: (1) Restrict opening of Substance3D project files and sampler files to trusted sources only; (2) Disable Substance3D - Sampler if not actively in use; (3) Run Substance3D - Sampler in a sandboxed or isolated user account with minimal privilege elevation potential; (4) Implement file integrity monitoring on incoming Substance3D project files.; priority: High Detection: Monitor for suspicious file modifications or crashes in Substance3D - Sampler processes. Enable application whitelisting to prevent unauthorized code execution in the context of the application.; priority: Medium Monitoring: Subscribe to Adobe Security Bulletins (https://helpx.adobe.com/security.html) and Substance3D product advisories for patch availability and official remediation guidance.; priority: High

Priority Score

39
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +39
POC: 0

Share

CVE-2025-43581 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy