Cyber Resilience

CVE-2025-1045

High

Published: 23 April 2025

Published
23 April 2025
Modified
07 August 2025
KEV Added
Patch
CVSS Score v3 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score 0.0058 69.4th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-1045 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Luxion Keyshot. Its CVSS base score is 7.8 (High).

Operationally, ranked in the top 30.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

Luxion KeyShot Viewer contains a heap-based buffer overflow vulnerability (CVE-2025-1045, ZDI-CAN-24586) in its KSP file parser. The flaw stems from insufficient validation of the length of attacker-supplied data before it is copied into a heap buffer, allowing remote code execution when a malicious KSP file is processed. The issue affects installations of Luxion KeyShot Viewer and carries a CVSS 3.0 score of 7.8.

An unauthenticated attacker can exploit the vulnerability by convincing a target to open a crafted KSP file or visit a malicious page that delivers such a file. Successful exploitation grants arbitrary code execution in the context of the KeyShot Viewer process. User interaction is required, and the attack vector is local with no privileges needed.

The EPSS score reached a peak of 0.0224 on 2026-05-25 before receding to the current value of 0.0058; no sustained rise after disclosure is evident from the available data.

EU & UK References

Vulnerability details

Luxion KeyShot Viewer KSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the…

more

target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of KSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24586.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

luxion
keyshot
≤ 2025.1

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References