Vulnerability in Luxion Keyshot
CVE-2025-2530
Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is requ…
EPSS: 0.002 (14.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Luxion Keyshot — versions 2024 13.0.0 Build 92 4.10.171
Weakness classification (CWE)
References
- zdi-disclosures@trendmicro.com (x_research-advisory, Third Party Advisory)
Frequently asked questions
- What is CVE-2025-2530?
- CVE-2025-2530 is a high-severity vulnerability in Luxion Keyshot, classified under Access of Uninitialized Pointer. CVSS score: 7.8/10. Published 2025-03-25.
- How severe is CVE-2025-2530?
- High severity. CVSS v3 base score is 7.8 out of 10.