CVE-2024-53003

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 10, 2024
Updated: Dec 12, 2024
CWE ID 787

Summary

CVE-2024-53003 is a newly identified out-of-bounds write vulnerability affecting Substance3D Modeler versions 1.14.1 and earlier. This issue could potentially allow an attacker to execute arbitrary code on the victim's system, given that the user interacts with a maliciously crafted file. The vulnerability occurs due to improper handling of data in the software, resulting in unintended memory write access. Successful exploitation could lead to significant security risks, including unauthorized system access or data theft. Users are strongly encouraged to update their Substance3D Modeler software to mitigate this exposure.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share