{"id":58792,"date":"2025-07-10T00:19:28","date_gmt":"2025-07-10T00:19:28","guid":{"rendered":""},"modified":"2025-09-03T09:05:21","modified_gmt":"2025-09-03T15:05:21","slug":"cve-2025-43568-use-after-free-vulnerability-in-substance3d-stager-resulting-in-arbitrary-code-execution","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-43568-use-after-free-vulnerability-in-substance3d-stager-resulting-in-arbitrary-code-execution\/","title":{"rendered":"CVE-2025-43568: Use After Free Vulnerability in Substance3D – Stager Resulting in Arbitrary Code Execution<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The CVE-2025-43568 vulnerability pertains to Substance3D – Stager versions 3.1.1 and earlier. This is a serious security issue as it involves a Use After Free vulnerability that could potentially lead to arbitrary code execution. The vulnerability is particularly alarming since it could be exploited in the context of the current user, thus posing a significant risk to the integrity of the user’s system and the confidentiality of their data<\/a>.
\nThis vulnerability is of crucial importance to all users and administrators of Substance3D – Stager<\/a> 3.1.1 and earlier versions. Given the potential consequences of this vulnerability<\/a> being exploited, users and administrators should take immediate action to mitigate the risk.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-43568
\nSeverity: High (CVSS: 7.8)
\nAttack Vector: Local
\nPrivileges Required: None
\nUser Interaction: Required
\nImpact: Potential system<\/a> compromise or data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n