CVE-2023-48637

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 13, 2023

Updated: Dec 18, 2023

CWE ID 125

Summary

CVE-2023-48637 is a newly disclosed vulnerability that affects Adobe Substance 3D Designer versions 13.0.0 and earlier, as well as 13.1.0 and earlier. This issue involves an out-of-bounds read vulnerability, which allows an attacker to read sensitive memory content unintentionally. By exploiting this flaw, cybercriminals can potentially bypass mitigations like Address Space Layout Randomization (ASLR), making it easier to execute attacks. To exploit the vulnerability, a user must open a malicious file, making it a user-interactive threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Substance 3D Designer

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tcTTZ7
https://www.cve.org/CVERecord?id=CVE-2023-48637
https://nvd.nist.gov/vuln/detail/CVE-2023-48637

Back to Vulnerability Database