Vulnerabilities > CVE-2024-39388 - Use After Free vulnerability in Adobe Substance 3D Stager 2.0.1/2.1.3/3.0.2

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
adobe
CWE-416

Summary

Substance3D - Stager versions 3.0.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Common Weakness Enumeration (CWE)