CVE-2025-43548: 
Adobe Dimension vulnerability analysis and mitigation

Adobe Dimension versions 4.1.2 and earlier are affected by an out-of-bounds write vulnerability identified as CVE-2025-43548. The vulnerability was discovered and disclosed on May 13, 2025, by Adobe Systems Incorporated. This security issue affects both Windows and macOS operating systems running Adobe Dimension software (NVD, Wiz).

The vulnerability is classified as an out-of-bounds write (CWE-787) with a CVSS v3.1 base score of 7.8 (HIGH), and vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The vulnerability requires user interaction, specifically opening a malicious file, to be exploited (NVD, Wiz).

Successful exploitation of this vulnerability could result in arbitrary code execution in the context of the current user. If exploited, an attacker could potentially install programs, view, change, or delete data, or create new accounts with full user rights, depending on the user's privileges (Wiz).

Adobe has released security updates to address this vulnerability. Users are advised to update to the latest version of Adobe Dimension. Organizations should apply the stable channel update provided by Adobe to vulnerable systems immediately after appropriate testing (Wiz).