CVE-2025-15538

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Open Asset Import Library Assimp versions up to 6.0.2

Description A security issue exists in Open Asset Import Library Assimp. The Assimp::LWOImporter::FindUVChannels function within the /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp file is susceptible to a use after free condition. This manipulation requires local access to perform the attack. The details of the issue are tracked as issue #6128 and the exploit has been publicly disclosed.

Recommendations Versions prior to 6.0.2 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-416

Related Identifiers

CVE-2025-15538

Affected Products

Open Asset Import Library

CVE-2025-15538

Weakness Enumeration

Related Identifiers

Affected Products

References · 16