Description
A security vulnerability has been detected in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function Assimp::SceneCombiner::Copy of the file code/Common/SceneCombiner.cpp of the component Model File Handler. Such manipulation of the argument width/height leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. This and similar defects are tracked and handled via issue #6128.
Published: 2026-07-01
Score: 4.8 Medium
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the Assimp::SceneCombiner::Copy operation, which copies model dimensions without adequate bounds checks, causing a heap‑based buffer overflow when an attacker supplies crafted width/height values. The flaw is a classic heap overflow identified by CWE‑119 and CWE‑122 and can corrupt memory on the local machine. An attacker who can execute code locally may cause a segmentation fault, crash the application or potentially gain code execution if a suitable exploitation vector is derived from the corrupted heap region.

Affected Systems

Open Asset Import Library Assimp versions up to and including 5.4.3 are affected. This includes any software that embeds Assimp 5.4.3 or earlier for model file handling, such as games and CAD tools that rely on the library. The vulnerability was discovered in the common scene combiner component used across all platforms supported by Assimp.

Risk and Exploitability

The CVSS base score is 4.8, signifying moderate severity, and the EPSS score is not available, indicating no public data on likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog, but the exploit has been publicly disclosed and requires only local access to the target system. Because the overflow occurs during normal model file processing, any software that accepts user‑supplied models can be targeted by file‑based attacks if a local attacker can arrive at the host or supply files through an exposed service.

Generated by OpenCVE AI on July 1, 2026 at 08:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Assimp to the latest release (≥5.4.4) to receive the heap‑overflow fix.
  • If upgrading is not feasible, disable or quarantine usage of the SceneCombiner functionality when processing untrusted model files.
  • Implement runtime input validation to reject model files with width/height values that could trigger the overflow before invoking Assimp.

Generated by OpenCVE AI on July 1, 2026 at 08:37 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Jul 2026 06:45:00 +0000

Type Values Removed Values Added
Description A security vulnerability has been detected in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function Assimp::SceneCombiner::Copy of the file code/Common/SceneCombiner.cpp of the component Model File Handler. Such manipulation of the argument width/height leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. This and similar defects are tracked and handled via issue #6128.
Title Open Asset Import Library Assimp Model File SceneCombiner.cpp Copy heap-based overflow
First Time appeared Assimp
Assimp assimp
Weaknesses CWE-119
CWE-122
CPEs cpe:2.3:a:assimp:assimp:*:*:*:*:*:*:*:*
Vendors & Products Assimp
Assimp assimp
References
Metrics cvssV2_0

{'score': 4.3, 'vector': 'AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 5.3, 'vector': 'CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 4.8, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-07-01T05:45:06.959Z

Reserved: 2026-06-29T04:58:39.190Z

Link: CVE-2025-15666

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-01T08:45:15Z

Weaknesses
  • CWE-119

    Improper Restriction of Operations within the Bounds of a Memory Buffer

  • CWE-122

    Heap-based Buffer Overflow