CVE-2024-41861

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 14, 2024
CWE ID 125

Summary

CVE-2024-41861 is a newly discovered vulnerability affecting Substance3D's Sampler version 4.5 and earlier. This issue involves an out-of-bounds read vulnerability that can result in the disclosure of sensitive memory. An attacker could take advantage of this flaw to bypass mitigations like Address Space Layout Randomization (ASLR). Notably, exploitation of this vulnerability necessitates user interaction, meaning a victim must open a malicious file for the attack to be successful.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share