CVE-2023-25873

7.8 HIGH

📋 TL;DR

Adobe Substance 3D Stager has an out-of-bounds read vulnerability when parsing malicious files, which could allow attackers to execute arbitrary code as the current user. Users who open crafted files with affected versions (2.0.0 and earlier) are at risk. This requires user interaction through opening a malicious file.

💻 Affected Systems

Products:
  • Adobe Substance 3D Stager
Versions: 2.0.0 and earlier
Operating Systems: Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of affected versions are vulnerable when opening files.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise through arbitrary code execution with current user privileges, potentially leading to data theft, ransomware deployment, or lateral movement.

🟠 Likely Case

Limited code execution within the application context, potentially allowing file system access, data exfiltration, or installation of additional malware.

🟢 If Mitigated

Application crash or denial of service without code execution if memory protections are effective.

🌐 Internet-Facing: LOW - Exploitation requires user interaction to open malicious files, not directly accessible via network.
🏢 Internal Only: MEDIUM - Internal users could be targeted via phishing or shared malicious files, but still requires user interaction.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires a user to open a malicious file; the memory corruption must then be leveraged for code execution.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.0.1 or later

Vendor Advisory: https://helpx.adobe.com/security/products/substance3d_stager/apsb23-22.html

Restart Required: Yes

Instructions:

1. Open Adobe Substance 3D Stager.
2. Go to Help > Check for Updates.
3. Install available updates to version 2.0.1 or later.
4. Restart the application.

🔧 Temporary Workarounds

Restrict file opening

all

Only open files from trusted sources and avoid unknown or suspicious files.

Application sandboxing

all

Run Adobe Substance 3D Stager in a sandboxed environment to limit potential damage.

🧯 If You Can't Patch

  • Discontinue use of Adobe Substance 3D Stager until patched
  • Implement application whitelisting to prevent execution of unpatched versions

🔍 How to Verify

Check if Vulnerable:

Check the Adobe Substance 3D Stager version in Help > About. If the version is 2.0.0 or earlier, the system is vulnerable.

Check Version:

Not applicable - check via application GUI Help > About menu

Verify Fix Applied:

Verify version is 2.0.1 or later in Help > About. Test opening known safe files to ensure functionality.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with memory access violations
  • Unexpected file parsing errors

Network Indicators:

  • Unusual outbound connections after file opening
  • File downloads from untrusted sources

SIEM Query:

(EventID=1000 OR EventID=1001) AND Source='Adobe Substance 3D Stager' AND (ExceptionCode=0xc0000005 OR ExceptionCode=0xc0000409)
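
The same triage logic as the SIEM query above, as an added example that is not part of the original page: it filters Windows "Application Error" (Event ID 1000) records for the two exception codes and flags hosts still below the patched 2.0.1 release. Assumptions: the executable name in the sample records is constructed, the product name appears in the faulting image name, the reported file version mirrors the product version, and all sample events are constructed.

```python
import re

# Exception codes from the query above: access violation, stack buffer overrun.
WATCHED_CODES = {0xC0000005, 0xC0000409}
FIXED_VERSION = (2, 0, 1)            # first patched release named on this page
APP_MARKER = "substance 3d stager"   # assumption: product name is in the image name

# Message layout of an "Application Error" (Event ID 1000) record.
FIELDS = re.compile(
    r"Faulting application name:\s*(?P<app>[^,]+),\s*version:\s*(?P<ver>[\d.]+)"
    r".*?Exception code:\s*(?P<code>0x[0-9a-fA-F]+)", re.S)

def parse_version(text):
    """Turn '2.0.0.0' into (2, 0, 0); pad short versions with zeros."""
    parts = [int(p) for p in text.split(".")[:3]]
    return tuple(parts + [0] * (3 - len(parts)))

def triage(event):
    """Return a finding for a matching crash record, else None."""
    if event.get("EventID") != 1000:
        return None
    m = FIELDS.search(event.get("Message", ""))
    if not m or APP_MARKER not in m["app"].lower():
        return None
    code = int(m["code"], 16)
    if code not in WATCHED_CODES:
        return None
    version = parse_version(m["ver"])  # assumption: file version == product version
    return {"host": event.get("Computer", "unknown"),
            "exception": f"0x{code:08x}",
            "version": ".".join(map(str, version)),
            "unpatched": version < FIXED_VERSION}

def findings(events):
    return [f for f in map(triage, events) if f]

def _msg(app, ver, code):
    return (f"Faulting application name: {app}, version: {ver}, time stamp: 0x0\n"
            f"Faulting module name: unknown, version: 0.0.0.0\nException code: {code}\n")

# Constructed sample records (not real telemetry; executable name is assumed).
STAGER = "Adobe Substance 3D Stager.exe"
SAMPLE_EVENTS = [
    {"EventID": 1000, "Computer": "ws-01", "Message": _msg(STAGER, "2.0.0.0", "0xc0000005")},
    {"EventID": 1000, "Computer": "ws-02", "Message": _msg(STAGER, "2.0.1.0", "0xc0000409")},
    {"EventID": 1000, "Computer": "ws-03", "Message": _msg("notepad.exe", "10.0.0.0", "0xc0000005")},
    {"EventID": 1000, "Computer": "ws-04", "Message": _msg(STAGER, "2.0.0.0", "0xe06d7363")},
]

if __name__ == "__main__":
    for finding in findings(SAMPLE_EVENTS):
        print(finding)
```

A crash on a host reporting `unpatched: True` is the case to correlate with recently opened files; a crash on a patched host is more likely an ordinary stability issue.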
