CVE-2023-29276
First published: Thu May 11 2023(Updated: )
Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Substance 3D Painter | <=8.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2023-29276?
CVE-2023-29276 is classified as a critical vulnerability due to its potential for arbitrary code execution.
How do I fix CVE-2023-29276?
To fix CVE-2023-29276, update Adobe Substance 3D Painter to the latest version released after 8.3.0.
What are the potential impacts of CVE-2023-29276?
Exploitation of CVE-2023-29276 could allow attackers to execute arbitrary code on the affected system.
What versions of Adobe Substance 3D Painter are affected by CVE-2023-29276?
CVE-2023-29276 affects Adobe Substance 3D Painter versions up to and including 8.3.0.
Is user interaction required to exploit CVE-2023-29276?
Yes, exploitation of CVE-2023-29276 requires user interaction, as the victim must open a malicious file.
- collector/nvd-index
- vendor/adobe
- canonical/adobe substance 3d painter
- version/adobe substance 3d painter/8.3.0