CVE-2023-48627: 
Adobe Substance 3D Sampler vulnerability analysis and mitigation

Adobe Substance 3D Sampler versions 4.2.1 and earlier are affected by an out-of-bounds write vulnerability (CVE-2023-48627). This vulnerability could result in arbitrary code execution in the context of the current user. The exploitation requires user interaction, specifically opening a malicious file (Adobe Advisory).

The vulnerability is classified as an out-of-bounds write issue (CWE-787). It has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This indicates that while local access is required and user interaction is needed, the vulnerability can lead to high impacts on confidentiality, integrity, and availability (NVD).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code with the privileges of the current user. This could potentially lead to unauthorized access, data manipulation, or system compromise within the context of the affected user's permissions (Adobe Advisory).

Adobe has released version updates to address this vulnerability. Users are advised to update to the latest version of Adobe Substance 3D Sampler beyond version 4.2.1. The update can be obtained through the regular Adobe update channels (Adobe Advisory).