CVE-2024-53004
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-53004 is a newly disclosed vulnerability that impacts Substance3D's Modeler versions 1.14.1 and below. This issue is classified as an out-of-bounds read vulnerability, which means that memory beyond the designated bounds of an application's buffer can be accessed. The consequences of this vulnerability are severe, as sensitive memory can be disclosed, potentially exposing sensitive data. An attacker could exploit this flaw to bypass Address Space Layout Randomization (ASLR) mitigations, making it easier to execute further attacks. Importantly, this issue requires user interaction, meaning that a victim must open a maliciously crafted file for exploitation to occur.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.