CVE-2025-1045
Published: 23 April 2025
Summary
CVE-2025-1045 is a high-severity Heap-based Buffer Overflow (CWE-122) vulnerability in Luxion Keyshot. Its CVSS base score is 7.8 (High).
Operationally, ranked in the top 30.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
Luxion KeyShot Viewer contains a heap-based buffer overflow vulnerability (CVE-2025-1045, ZDI-CAN-24586) in its KSP file parser. The flaw stems from insufficient validation of the length of attacker-supplied data before it is copied into a heap buffer, allowing remote code execution when a malicious KSP file is processed. The issue affects installations of Luxion KeyShot Viewer and carries a CVSS 3.0 score of 7.8.
An unauthenticated attacker can exploit the vulnerability by convincing a target to open a crafted KSP file or visit a malicious page that delivers such a file. Successful exploitation grants arbitrary code execution in the context of the KeyShot Viewer process. User interaction is required, and the attack vector is local with no privileges needed.
The EPSS score reached a peak of 0.0224 on 2026-05-25 before receding to the current value of 0.0058; no sustained rise after disclosure is evident from the available data.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-12194
Vulnerability details
Luxion KeyShot Viewer KSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the…
more
target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of KSP files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24586.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.