Cyber Resilience

CVE-2025-15538

MediumPublic PoC

Published: 18 January 2026

Published
18 January 2026
Modified
10 February 2026
KEV Added
Patch
CVSS Score v4 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0003 10.4th percentile
Risk Priority 10 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-15538 is a medium-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Assimp Assimp. Its CVSS base score is 4.8 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Malicious File (T1204.002); ranked at the 10.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2025-15538 is a use-after-free vulnerability in the Open Asset Import Library (Assimp) versions up to 6.0.2. The issue affects the function Assimp::LWOImporter::FindUVChannels in the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. It is also associated with CWE-119 (improper restriction of operations within the bounds of a memory buffer) and CWE-416 (use after free), carrying a CVSS v3.1 base score of 5.3 (AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

The vulnerability requires local access to exploit, with low attack complexity and low privileges (PR:L). A successful exploit can result in limited impacts to confidentiality, integrity, and availability, potentially allowing a local attacker to cause memory corruption through crafted input processed by the affected Assimp component. A proof-of-concept exploit has been publicly disclosed and is available via a ZIP file attachment.

Advisories track the issue through Assimp GitHub repository issue #6258 (including a specific comment at #6258#issuecomment-3070999530) and VulDB entries (ctiid.341727 and id.341727), with the defect also referenced under issue #6128. No specific patches or mitigations are detailed in the provided references beyond ongoing issue tracking.

EU & UK References

Vulnerability details

A security vulnerability has been detected in Open Asset Import Library Assimp up to 6.0.2. Affected by this vulnerability is the function Assimp::LWOImporter::FindUVChannels of the file /src/assimp/code/AssetLib/LWO/LWOMaterial.cpp. Such manipulation leads to use after free. The attack needs to be performed…

more

locally. The exploit has been disclosed publicly and may be used. This and similar defects are tracked and handled via issue #6128.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1204.002 Malicious File Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.
Why these techniques?

Use-after-free in file parsing library directly enables local execution via crafted malicious asset file (PoC via attachment).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-2755Same product: Assimp Assimp
CVE-2025-2592Same product: Assimp Assimp
CVE-2025-2753Same product: Assimp Assimp
CVE-2025-2152Same product: Assimp Assimp
CVE-2025-2750Same product: Assimp Assimp
CVE-2025-2752Same product: Assimp Assimp
CVE-2025-2151Same product: Assimp Assimp
CVE-2025-2757Same product: Assimp Assimp
CVE-2025-2756Same product: Assimp Assimp
CVE-2025-2754Same product: Assimp Assimp

Affected Assets

assimp
assimp
≤ 6.0.2

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly implements memory protection mechanisms that mitigate use-after-free conditions such as the one in Assimp::LWOImporter::FindUVChannels.

prevent

Requires validation of all inputs (e.g., LWO asset files) before processing, blocking the crafted local input that triggers the use-after-free.

prevent

Mandates timely identification and remediation of the tracked flaw (#6128) in the Assimp library before exploitation can occur.

References