CVE-2025-43571

7.8 HIGH

📋 TL;DR

CVE-2025-43571 is a use-after-free vulnerability in Substance3D Stager that could allow arbitrary code execution when a user opens a malicious file. This affects users of Substance3D Stager versions 3.1.1 and earlier, allowing attackers to run code with the victim's privileges.

💻 Affected Systems

Products:
  • Adobe Substance3D Stager
Versions: 3.1.1 and earlier
Operating Systems: Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations of affected versions are vulnerable. No special configuration required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise via arbitrary code execution leading to data theft, ransomware deployment, or persistent backdoor installation.

🟠 Likely Case

Local privilege escalation leading to user account compromise, data exfiltration, or lateral movement within the network.

🟢 If Mitigated

Limited impact with proper application sandboxing and user privilege restrictions, potentially only affecting isolated user data.

🌐 Internet-Facing: LOW - Exploitation requires user interaction to open malicious files, not directly exposed to internet attacks.
🏢 Internal Only: MEDIUM - Internal users could be targeted via phishing or malicious file shares, but requires user interaction.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction (opening malicious file) and understanding of use-after-free memory corruption techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.1.2 or later

Vendor Advisory: https://helpx.adobe.com/security/products/substance3d_stager/apsb25-46.html

Restart Required: Yes

Instructions:

1. Open Substance3D Stager.
2. Go to Help > Check for Updates.
3. Install available updates.
4. Restart the application.
5. Verify version is 3.1.2 or higher.

🔧 Temporary Workarounds

Restrict file opening

all

Prevent users from opening untrusted .stg or other Substance3D files from unknown sources

Application sandboxing

all

Run Substance3D Stager in restricted environments or sandboxes to limit potential damage

🧯 If You Can't Patch

  • Implement application control policies to restrict Substance3D Stager execution to trusted users only
  • Deploy endpoint detection and response (EDR) solutions to monitor for suspicious file opening behavior

🔍 How to Verify

Check if Vulnerable:

Check Substance3D Stager version in application settings or About dialog. If version is 3.1.1 or earlier, system is vulnerable.

Check Version:

On Windows: Check Help > About in Substance3D Stager GUI. No direct command-line version check available.

Verify Fix Applied:

Verify version is 3.1.2 or later in application settings. Test opening known safe files to ensure functionality.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes with memory access violations
  • Unexpected child processes spawned from Substance3D Stager
  • Suspicious file opening events from the application

Network Indicators:

  • Unexpected outbound connections from Substance3D Stager process
  • DNS requests to suspicious domains after file opening

SIEM Query:

process_name:"Substance3D Stager.exe" AND (event_type:crash OR child_process_name:suspicious)
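
The log indicators above can be turned into concrete detection logic. The following is an added example, not part of the vendor advisory or any product's own query language: it flags Stager crashes and unexpected child processes and tags each alert with the file Stager most recently opened on that host. The event schema, field names, correlation window, allowlist and sample events are all assumptions constructed for illustration.

```python
import json
from datetime import datetime, timedelta

STAGER = "substance3d stager.exe"   # process name from the page's SIEM query, lowercased
WINDOW = timedelta(seconds=120)     # assumption: how long after a file open to correlate
ALLOWED_CHILDREN = frozenset()      # assumption: fill with children seen in your baseline

# Constructed sample events, one JSON object per line, in an assumed normalized schema.
SAMPLE_EVENTS = """
{"ts":"2025-06-10T09:00:01","host":"ws-01","event_type":"file_open","process_name":"Substance3D Stager.exe","path":"D:/incoming/scene.stg"}
{"ts":"2025-06-10T09:00:03","host":"ws-01","event_type":"crash","process_name":"Substance3D Stager.exe","exception_code":"0xC0000005"}
{"ts":"2025-06-10T09:05:00","host":"ws-02","event_type":"file_open","process_name":"Substance3D Stager.exe","path":"D:/projects/approved.stg"}
{"ts":"2025-06-10T09:05:20","host":"ws-02","event_type":"process_start","process_name":"cmd.exe","parent_process_name":"Substance3D Stager.exe"}
{"ts":"2025-06-10T09:10:00","host":"ws-03","event_type":"process_start","process_name":"cmd.exe","parent_process_name":"explorer.exe"}
{"ts":"2025-06-10T10:30:00","host":"ws-02","event_type":"crash","process_name":"Substance3D Stager.exe","exception_code":"0xC0000005"}
""".strip().splitlines()


def detect(lines, allowed_children=ALLOWED_CHILDREN, window=WINDOW):
    """Return (host, reason, file) alerts for Stager crashes and unexpected children.

    `file` is the path Stager last opened on that host within `window`, else None.
    """
    last_open = {}  # host -> (timestamp, path) of the most recent Stager file open
    alerts = []
    events = [json.loads(line) for line in lines if line.strip()]
    for ev in sorted(events, key=lambda e: e["ts"]):  # ISO timestamps sort as text
        ts = datetime.fromisoformat(ev["ts"])
        name = ev.get("process_name", "").lower()
        parent = ev.get("parent_process_name", "").lower()
        kind = ev["event_type"]
        if kind == "file_open" and name == STAGER:
            last_open[ev["host"]] = (ts, ev["path"])
            continue
        if kind == "crash" and name == STAGER:
            reason = "crash"
        elif kind == "process_start" and parent == STAGER and name not in allowed_children:
            reason = "child:" + name
        else:
            continue  # unrelated event
        opened = last_open.get(ev["host"])
        path = opened[1] if opened and ts - opened[0] <= window else None
        alerts.append((ev["host"], reason, path))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS):
        print(alert)
```

An alert that carries a file path gives responders the document to quarantine and examine; an alert with no path (the last sample crash) still warrants a look but has no recent file open to tie it to.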
