Cyber Posture

CVE-2025-2151

Medium · Public PoC

Published: 10 March 2025

Modified: 28 May 2025
KEV Added
Patch
CVSS Score: 6.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L)
EPSS Score: 0.0021 (42.7th percentile)
Risk Priority: 13 (60% EPSS · 20% KEV · 20% CVSS)

Description

An adversary may rely upon a user opening a malicious file in order to gain execution.

Security Summary

CVE-2025-2151 is a stack-based buffer overflow vulnerability classified as critical in the Open Asset Import Library (Assimp) version 5.4.3. The issue resides in the Assimp::GetNextLine function within ParsingUtils.h of the File Handler component. It is associated with CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer), CWE-121 (Stack-based Buffer Overflow), and CWE-787 (Out-of-bounds Write).

The vulnerability enables remote exploitation through manipulation of input, requiring no privileges (PR:N) but user interaction (UI:R), as indicated by its CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L). An attacker can supply a malicious file that, when processed by an application using the affected Assimp library, triggers the buffer overflow, potentially resulting in limited impacts to confidentiality, integrity, and availability.

Advisories and discussions are available in GitHub issues #6016 and #6026 for Assimp, along with VulDB entries at ctiid.299062 and id.299062. A proof-of-concept exploit crash file has been publicly disclosed at sae-as-me/Crashes/raw/refs/heads/main/assimp/assimp_crash_1, indicating the vulnerability may be usable in attacks.

The exploit has been disclosed to the public, increasing the risk for applications relying on Assimp for 3D asset parsing.

Details

CWE(s)
CWE-119, CWE-121, CWE-787

Affected Products

assimp
assimp
5.4.3

MITRE ATT&CK Enterprise Techniques

T1203 Exploitation for Client Execution · Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
T1204.002 Malicious File · Execution
An adversary may rely upon a user opening a malicious file in order to gain execution.
Why these techniques?

Stack-based buffer overflow in Assimp file parser enables code execution via malicious 3D asset file (T1203 Exploitation for Client Execution); requires user interaction to process the file (T1204.002 Malicious File).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References