CNNVD-202510-4349 Information

CNNVD ID

CNNVD-202510-4349

Related CVE

CVE-2025-60749

• CNNVD Published: 2025-10-31

Description (Chinese)

Trimble SketchUp Desktop是美国Trimble公司的一款三维建模软件。 Trimble SketchUp Desktop 2025存在安全漏洞，该漏洞源于sketchup_webhelper.exe使用了特制的libcef.dll，可能导致DLL劫持攻击。

Description (English)

Trimble SketchUp Desktop is a three-dimensional modeling software from Trimble, United States. There is a security loophole in Trimble SketchUp Desktop 2025, which originates from the use of a specially designed libcef.dll by sketchup webhelper.exe, which could lead to a DLL hijacking attack.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Trimble

Published

2025-10-31

Last Modified

2026-02-24

References

http://sketchup.com https://help.sketchup.com/zh-CN/downloading-sketchup https://yawataa.github.io/2025/10/23/CVE-2025-60749/ https://access.redhat.com/security/cve/cve-2025-60749

Patch

https://help.sketchup.com/zh-CN/downloading-sketchup