CVE-2023-25878

Name of the Vulnerable Software and Affected Versions Adobe Substance 3D Stager versions 2.0.0 and earlier

Description The issue is related to an out-of-bounds read vulnerability in the memory, which could allow an attacker to disclose sensitive information by using a specially crafted file. This vulnerability can be exploited when a victim opens a malicious file, and it may enable an attacker to bypass certain mitigations, such as Address Space Layout Randomization (ASLR).

Recommendations For Adobe Substance 3D Stager versions 2.0.0 and earlier, consider avoiding the use of potentially malicious files until a patch is available. As a temporary workaround, restrict the opening of files from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.