CVE-2023-21618: 
Adobe Substance 3D Designer vulnerability analysis and mitigation

Adobe Substance 3D Designer version 12.4.1 and earlier versions are affected by an Access of Uninitialized Pointer vulnerability identified as CVE-2023-21618. The vulnerability was discovered by Mat Powell working with Trend Micro Zero Day Initiative and was publicly disclosed on June 13, 2023 (Adobe Security, NVD Database).

The vulnerability is classified as an Access of Uninitialized Pointer issue (CWE-824). It has received a CVSS v3.1 base score of 7.8 (HIGH) with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This scoring indicates that while local access is required, the vulnerability requires low attack complexity and no privileges, though user interaction is necessary (NVD Database).

If successfully exploited, this vulnerability could result in arbitrary code execution in the context of the current user. The high CVSS score reflects the potential for significant impact on the confidentiality, integrity, and availability of the affected system (NVD Database).

Adobe has addressed this vulnerability in versions after 12.4.1. Users are advised to update to the latest version of Adobe Substance 3D Designer to mitigate this security risk (Adobe Security).