CRITICAL🇵🇱 Wersja polska

CVE-2025-70067

CVSS 9.8v3.1pub. 2026-05-04upd. 2026-07-05

Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy() without runtime length validation

🤖 AI Analysis
How it works

The vulnerability occurs in the aiMaterial::AddBinaryProperty function, responsible for processing material properties when loading an FBX file. The character string representing the property key is copied to a fixed-size buffer on the heap using the strcpy() function, without prior verification of the input string length. An attacker can embed an excessively long property key in a specially crafted FBX file, causing a buffer overflow (CWE-122 — heap-based buffer overflow) and overwriting adjacent memory areas.

Impact

Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code (RCE) in the context of the process handling the FBX file, as well as lead to violation of data confidentiality and integrity or complete application unavailability (crash). The absence of authentication and user interaction requirements (beyond opening the file) significantly increases the risk of attack.

Mitigation & patch

Apply patches available from the vendor according to references. It is recommended to update the Assimp library to a version higher than 6.0.2 as soon as it becomes available. Temporarily, avoid processing FBX files from untrusted sources and consider sandboxing processes handling file loading using this library.

Who is affected

Assimp library (Open Asset Import Library) in all versions up to and including 6.0.2 that use the FBX file importer.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References