{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-6120","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-06-15T10:18:10.430Z","datePublished":"2025-06-16T11:31:06.030Z","dateUpdated":"2025-06-16T14:47:28.362Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-06-16T11:31:06.030Z"},"title":"Open Asset Import Library Assimp HL1MDLLoader.cpp read_meshes heap-based overflow","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-122","lang":"en","description":"Heap-based Buffer Overflow"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-119","lang":"en","description":"Memory Corruption"}]}],"affected":[{"vendor":"Open Asset Import Library","product":"Assimp","versions":[{"version":"5.4.0","status":"affected"},{"version":"5.4.1","status":"affected"},{"version":"5.4.2","status":"affected"},{"version":"5.4.3","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability classified as critical was found in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function read_meshes in the library assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future."},{"lang":"de","value":"In Open Asset Import Library Assimp bis 5.4.3 wurde eine kritische Schwachstelle entdeckt. Hierbei betrifft es die Funktion read_meshes in der Bibliothek assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. Mit der Manipulation mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":4.8,"vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":5.3,"vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":5.3,"vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":4.3,"vectorString":"AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}],"timeline":[{"time":"2025-06-15T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-06-15T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-06-15T12:23:17.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"Rulkallos (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.312589","name":"VDB-312589 | Open Asset Import Library Assimp HL1MDLLoader.cpp read_meshes heap-based overflow","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.312589","name":"VDB-312589 | CTI Indicators (IOB, IOC, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.591235","name":"Submit #591235 | Open Asset Import Library Assimp 5.4.3 Heap-based Buffer Overflow","tags":["third-party-advisory"]},{"url":"https://github.com/assimp/assimp/issues/6220","tags":["issue-tracking"]},{"url":"https://github.com/assimp/assimp/issues/6220#issuecomment-2945018579","tags":["issue-tracking"]},{"url":"https://github.com/user-attachments/files/20605340/read_meshes_reproduce.tar.gz","tags":["exploit"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-06-16T14:41:43.487968Z","id":"CVE-2025-6120","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-06-16T14:47:28.362Z"}}]}}