CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-21139

Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.6%

CVSS Severity

CVSS v3 Score 7.8

References

https://helpx.adobe.com/security/products/substance3d_designer/apsb25-06.html

Products affected by CVE-2025-21139

Adobe » Substance 3d Designer » Version: N/A

cpe:2.3:a:adobe:substance_3d_designer:-
Adobe » Substance 3d Designer » Version: 12.4.0

cpe:2.3:a:adobe:substance_3d_designer:12.4.0
Adobe » Substance 3d Designer » Version: 13.1.0

cpe:2.3:a:adobe:substance_3d_designer:13.1.0
Adobe » Substance 3d Designer » Version: 13.1.1

cpe:2.3:a:adobe:substance_3d_designer:13.1.1
Adobe » Substance 3d Designer » Version: 13.1.2

cpe:2.3:a:adobe:substance_3d_designer:13.1.2
Adobe » Substance 3d Designer » Version: 14.0

cpe:2.3:a:adobe:substance_3d_designer:14.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-21139

Products

Pricing

Contact Us