CVE-2025-0412

CVSS 3.0 Score 7.8 of 10 (high)

Details

Published Jan 13, 2025
CWE ID 119

Summary

CVE-2025-0412 is a remote code execution vulnerability affecting Luxion KeyShot Viewer. Malicious KSP files can cause memory corruption during processing, leading to code execution in the affected system. User interaction, such as visiting a malicious webpage or opening a malicious file, is necessary for exploitation. This issue was identified as ZDI-CAN-22139 and stems from insufficient validation of user-supplied data.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share