PT-2025-10589 · Assimp +2

Chen Lihai +1 · Published 2025-03-10 · Updated 2026-01-16 · CVE-2025-2152

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Open Asset Import Library Assimp version 5.4.3

Description

A critical issue has been found in the Open Asset Import Library Assimp, affecting the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp in the File Handler component. This issue leads to a heap-based buffer overflow and can be initiated remotely.

Recommendations

For Open Asset Import Library Assimp version 5.4.3, as a temporary workaround, consider disabling the Assimp::BaseImporter::ConvertToUTF8 function until a patch is available. Restrict access to the File Handler component to minimize the risk of exploitation.

Exploit

Fix

Memory Corruption

Heap Based Buffer Overflow

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2025-07007
CVE-2025-2152
OESA-2026-1079
OESA-2026-1080
OESA-2026-1081
OESA-2026-1082
OESA-2026-1083
OESA-2026-1084
OPENSUSE-SU-2025:15198-1
PYSEC-2025-159

Affected Products

Assimp
Debian
Red Os