Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
7.8
CVE-2025-54244: Substance3D Viewer - Malicious File Can Run Code on Your Computer
CVE-2025-54244
Summary
Substance3D Viewer versions 0.25.1 and earlier have a security weakness. If you open a malicious file using this software, an attacker could potentially take control of your computer. Update to the latest version to protect yourself.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions |
|---|---|---|
| adobe | substance_3d_viewer |
< 0.25.2 cpe:2.3:a:adobe:substance_3d_viewer:*:*:*:*:*:*:*:* |
Original title
Substance3D - Viewer versions 0.25.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploit...
Original description
Substance3D - Viewer versions 0.25.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
nvd CVSS3.1
7.8
Vulnerability type
CWE-122
Heap-based Buffer Overflow
Published: 9 Sep 2025 · Updated: 15 Jun 2026 · First seen: 7 Mar 2026