PT-2025-44631 · Trimble+1 · Trimble Sketchup 2025+2
Published
2025-10-31
·
Updated
2025-10-31
·
CVE-2025-60749
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Trimble SketchUp desktop version 2025
Description
A DLL hijacking issue exists in Trimble SketchUp desktop 2025. This occurs due to a crafted
libcef.dll file being used by sketchup webhelper.exe. An attacker could potentially leverage this to execute malicious code within the context of the SketchUp application.Recommendations
Replace the
libcef.dll file with a legitimate version.Fix
Uncontrolled Search Path Element
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Trimble Sketchup 2025
Libcef.Dll
Sketchup Webhelper.Exe