How to fix EUVD-2025-17720?

Within 24 hours: Identify all Substance3D Sampler installations (version 5.0 and earlier) across the organization and disable file opening capabilities where possible; notify affected users to avoid opening files from untrusted sources. Within 7 days: Implement file type restrictions and sandboxing for Substance3D file formats; consider blocking .sbs and related file types at email gateways; evaluate whether Sampler usage is critical to business operations. Within 30 days: Monitor Adobe security advisories for patch availability; plan immediate deployment upon release; consider upgrading to version 5.1 or later if available.

Is Substance 3d Sampler affected by EUVD-2025-17720?

Substance3D Sampler versions 5.0 and earlier contain a critical vulnerability allowing arbitrary code execution when users open malicious files.

EUVD-2025-17720

| CVE-2025-43588 HIGH

2025-06-10 [email protected]

7.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 14, 2026 - 19:49 vuln.today

EUVD ID Assigned

Mar 14, 2026 - 19:49 euvd

EUVD-2025-17720

CVE Published

Jun 10, 2025 - 18:15 nvd

HIGH 7.8

Description

Substance3D - Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Analysis

A remote code execution vulnerability (CVSS 7.8). High severity vulnerability requiring prompt remediation.

Technical Context

CWE-787 (Out-of-bounds Write). CVSS 7.8 indicates high severity.

Affected Products

['Unspecified product']

Remediation

Monitor vendor channels for patch availability. Consider network segmentation to limit exposure if patching is delayed.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.0

CVSS: +39

POC: 0

EUVD-2025-17720 vulnerability details – vuln.today

Back

EUVD-2025-17720

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

EUVD-2025-17720

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code