CVE-2024-47438
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Nov 12, 2024
Updated: Nov 13, 2024
CWE ID 787
CWE ID 123
Summary
CVE-2024-47438 is a Write-what-where Condition vulnerability affecting Substance3D Painter versions 10.1.0 and prior. This issue grants attackers the ability to write data to a designated memory location, potentially leading to a memory leak. The exploitation of this vulnerability necessitates user interaction, as the victim must open a maliciously-crafted file for the attack to be successful. Successful exploitation could result in the disclosure of sensitive information residing in the affected memory.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- Adobe