CVE-2025-21131
Published: 14 January 2025
Summary
CVE-2025-21131 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Adobe Substance 3D Stager. Its CVSS base score is 7.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks at the 34.1st percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-2 (Flaw Remediation) and RA-5 (Vulnerability Monitoring and Scanning).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
Directly mitigates the out-of-bounds write vulnerability by requiring timely remediation through application of the security update recommended in Adobe APSB25-03.
Implements memory protections such as ASLR and DEP to hinder exploitation of the out-of-bounds write into arbitrary code execution.
Enables periodic vulnerability scanning to identify and report the presence of vulnerable Substance3D Stager versions affected by this CVE.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Out-of-bounds write in desktop app enables arbitrary code execution via malicious file opened by user (T1204.002), directly matching exploitation for client execution (T1203).
NVD Description
Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Deeper analysis
Substance3D - Stager versions 3.0.4 and earlier are affected by CVE-2025-21131, an out-of-bounds write vulnerability (CWE-787) that could result in arbitrary code execution in the context of the current user. Published on 2025-01-14, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating high impact potential despite requiring local access and user interaction.
Exploitation requires a victim to open a malicious file in the affected software, enabling an attacker with local access to trigger the out-of-bounds write. Successful exploitation allows arbitrary code execution with the privileges of the current user, potentially leading to full system compromise if the user has elevated permissions.
The Adobe Product Security Bulletin APSB25-03 at https://helpx.adobe.com/security/products/substance3d_stager/apsb25-03.html details the vulnerability and recommends applying the available security update to mitigate it.
Details
- CWE(s)