Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy() without runtime length validation
The vulnerability occurs in the aiMaterial::AddBinaryProperty function, responsible for processing material properties when loading an FBX file. The character string representing the property key is copied to a fixed-size buffer on the heap using the strcpy() function, without prior verification of the input string length. An attacker can embed an excessively long property key in a specially crafted FBX file, causing a buffer overflow (CWE-122 — heap-based buffer overflow) and overwriting adjacent memory areas.
Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code (RCE) in the context of the process handling the FBX file, as well as lead to violation of data confidentiality and integrity or complete application unavailability (crash). The absence of authentication and user interaction requirements (beyond opening the file) significantly increases the risk of attack.
Apply patches available from the vendor according to references. It is recommended to update the Assimp library to a version higher than 6.0.2 as soon as it becomes available. Temporarily, avoid processing FBX files from untrusted sources and consider sandboxing processes handling file loading using this library.
Assimp library (Open Asset Import Library) in all versions up to and including 6.0.2 that use the FBX file importer.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H