First published: Thu May 11 2023(Updated: )
Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe Substance 3D Painter | <=8.3.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-29283 is rated as high with a score of 7.8.
CVE-2023-29283 is a Heap-based Buffer Overflow vulnerability in Adobe Substance 3D Painter versions 8.3.0 and earlier that could lead to arbitrary code execution with user interaction.
CVE-2023-29283 affects Adobe Substance 3D Painter versions 8.3.0 and earlier by allowing arbitrary code execution in the context of the current user.
Yes, exploitation of CVE-2023-29283 requires user interaction as the victim must open a malicious file.
For more information about CVE-2023-29283, you can refer to the Adobe Security bulletin APSB23-29.