CVE-2023-25887: 
Adobe Dimension vulnerability analysis and mitigation

Adobe Dimension versions 3.4.7 and earlier contain an out-of-bounds read vulnerability (CVE-2023-25887) that was disclosed on March 16, 2023. This vulnerability affects Adobe Dimension software running on both Windows and macOS operating systems (NVD, Adobe Advisory).

The vulnerability is classified as an out-of-bounds read (CWE-125) that occurs when parsing a crafted file, potentially resulting in reading past the end of an allocated memory structure. The vulnerability has received a CVSS v3.1 base score of 7.8 (High), with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local access, low attack complexity, no privileges required, and user interaction required (Adobe Advisory).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code in the context of the current user. The high severity rating indicates potential for significant impact on the confidentiality, integrity, and availability of the system (NVD).

Adobe has released patches to address this vulnerability. Users are advised to update to the latest version of Adobe Dimension beyond version 3.4.7 (Adobe Advisory).