CVE-2025-21161

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 11, 2025

CWE ID 787

Summary

CVE-2025-21161 is a vulnerability affecting Substance3D's Designer software versions 14.0.2 and prior. This issue involves an out-of-bounds write vulnerability, which allows an attacker to execute arbitrary code if a user opens a maliciously crafted file. The exploitation of this vulnerability requires user interaction, making it a potential threat to users who open unverified or suspicious files. This weakness could lead to significant security risks, including data theft or system compromise.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Substance 3D

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3Q5aOW
https://www.cve.org/CVERecord?id=CVE-2025-21161
https://nvd.nist.gov/vuln/detail/CVE-2025-21161

Back to Vulnerability Database