CVE-2023-48626: 
Adobe Substance 3D Sampler vulnerability analysis and mitigation

Adobe Substance 3D Sampler versions 4.2.1 and earlier contain a critical security vulnerability identified as CVE-2023-48626. This vulnerability was disclosed on December 13, 2023, and involves an out-of-bounds write issue that affects the software's file handling capabilities (NVD, Adobe Advisory).

The vulnerability is classified as an out-of-bounds write (CWE-787) issue. It has received a CVSS v3.1 base score of 7.8 (HIGH), with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This scoring indicates that while local access is required, the vulnerability requires low attack complexity and no privileges, though it does need user interaction (NVD).

If successfully exploited, this vulnerability could lead to arbitrary code execution in the context of the current user. The high severity ratings for confidentiality, integrity, and availability (C:H/I:H/A:H) indicate that successful exploitation could result in significant system compromise (NVD).

Adobe has addressed this vulnerability in versions after 4.2.1 of Substance 3D Sampler. Users are advised to update to the latest version of the software to mitigate this security risk (Adobe Advisory).