CVE-2025-2752

A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function fast_atoreal_move in the library include/assimp/fast_atof.h of the component CSM File Handler. The manipulation leads to out-of-bounds read. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
VulDBCNA
4.3 MEDIUM
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
VendorProductVersion
assimpassimp
5.4.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/assimp/assimp/issues/6013
https://github.com/assimp/assimp/issues/6013#issue-2877371176
https://vuldb.com/?ctiid.300857
https://vuldb.com/?id.300857
https://vuldb.com/?submit.517786