CVE-2024-20713

Name of the Vulnerable Software and Affected Versions Adobe Substance 3D Stager versions 2.1.3 and earlier

Description The issue is related to insufficient input validation, which may allow an attacker to execute arbitrary code. It is an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory, potentially enabling an attacker to bypass mitigations such as ASLR. Exploitation requires user interaction, where a victim must open a malicious file.

Recommendations For Adobe Substance 3D Stager versions 2.1.3 and earlier, update to a version later than 2.1.3 to resolve the issue. At the moment, there is no information about additional mitigation measures.