CNNVD-202509-2638 Information

CNNVD ID

CNNVD-202509-2638

Related CVE

CVE-2025-7999

• CNNVD Published: 2025-09-17

Description (Chinese)

Ashlar-Vellum Cobalt是Ashlar-Vellum公司的一种基于参数的计算机辅助设计和 3D 建模程序。 Ashlar-Vellum Cobalt存在安全漏洞，该漏洞源于解析AR文件时缺乏对用户提供数据的适当验证，可能导致类型混淆条件，从而在当前进程环境中执行任意代码。

Description (English)

Ashlar-Vellam Cobalt is an argument-based computer-aided design and 3D modelling program for Ashlar-Vellum. The security gap in Ashlar-Vellam Cobalt, which stems from the lack of proper validation of the data provided by users when the AR files are analysed, may lead to a type of confusion of conditions, leading to the enforcement of any code in the current process environment.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Ashlar-Vellum

Published

2025-09-17

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-713/