CVE-2024-52999
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Dec 10, 2024
Updated: Dec 12, 2024
CWE ID 122
CWE ID 787
Summary
CVE-2024-52999 is a newly disclosed vulnerability affecting Substance3D's Modeler versions 1.14.1 and prior. This issue involves a Heap-based Buffer Overflow, which if exploited, could lead to arbitrary code execution. The vulnerability can only be activated when a user opens a maliciously crafted file, increasing the potential for targeted attacks. Successful exploitation occurs in the context of the current user, making this a significant security concern for Substance3D Modeler users.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share