PT-2024-33103 · Assimp+2

Cla7Aye15I4Ndo · Published 2024-10-24 · Updated 2025-06-16 · CVE-2024-48423

CVSS v3.1: 8.4 High

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

assimp version 5.4.3

Description

An issue in the Assimp library allows a local attacker to execute arbitrary code via the CallbackToLogRedirector function. This enables the attacker to potentially gain control over the system.

Recommendations

For assimp version 5.4.3, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider disabling the CallbackToLogRedirector function until a patch is available.

Exploit

Weakness Enumeration

Use After Free

Related Identifiers

BDU:2025-07005
CVE-2024-48423
OESA-2025-1602
OESA-2025-1603
OPENSUSE-SU-2024:14610-1
OPENSUSE-SU-2025:0113-1
PYSEC-2024-120

Affected Products

Debian
Red Os
Assimp