CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-45142

Substance3D - Stager versions 3.0.3 and earlier are affected by a Write-what-where Condition vulnerability that could allow an attacker to execute arbitrary code in the context of the current user. This vulnerability allows an attacker to write a controlled value to an arbitrary memory location, potentially leading to code execution. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.6%

CVSS Severity

CVSS v3 Score 7.8

References

https://helpx.adobe.com/security/products/substance3d_stager/apsb24-81.html

Products affected by CVE-2024-45142

Adobe » Substance 3d Stager » Version: N/A

cpe:2.3:a:adobe:substance_3d_stager:-
Adobe » Substance 3d Stager » Version: 2.0.1

cpe:2.3:a:adobe:substance_3d_stager:2.0.1
Adobe » Substance 3d Stager » Version: 2.1.3

cpe:2.3:a:adobe:substance_3d_stager:2.1.3
Adobe » Substance 3d Stager » Version: 3.0.2

cpe:2.3:a:adobe:substance_3d_stager:3.0.2
Adobe » Substance 3d Stager » Version: 3.0.3

cpe:2.3:a:adobe:substance_3d_stager:3.0.3
Apple » Macos » Version: N/A

cpe:2.3:o:apple:macos:-
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-45142

Products

Pricing

Contact Us