Adobe Dimension Users Beware of Malicious Files

CVECVE-2023-25895
CVSScvssV3_1: 7.8
SourceCVE-2023-25895

Adobe Dimension, a popular 3D modeling software, has a vulnerability that could allow hackers to take control of users’ computers. The issue affects versions 3.4.7 and earlier of Adobe Dimension.

Hackers could craft a malicious file that, once opened by a victim, exploits a buffer overflow bug in Dimension. A buffer overflow occurs when a program tries to store more data in a buffer (temporary data storage area) than it was intended to hold. This can corrupt memory and execution flow, allowing the insertion and execution of malicious code.

In Dimension’s case, simply opening a boobytrapped file could provide full control of the affected system to the attacker. They would then be able to do anything the user could like download malware, view passwords and files, or use the computer for other nefarious purposes.

The best way to protect yourself is to keep your Adobe Dimension software updated to the latest version. Also be wary of opening any files from untrusted or unknown sources that could contain exploits. Until Adobe patches the vulnerability, exercise caution when using earlier versions of Dimension.

References