CVE-2025-20001

{"id": "CVE-2025-20001", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2025-06-02T15:15:33.110", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2157", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}, {"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2157", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-125"}]}], "descriptions": [{"lang": "en", "value": "An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this vulnerability which can lead to disclosure of sensitive information. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability."}, {"lang": "es", "value": "Existe una vulnerabilidad de lectura fuera de los l\u00edmites en High-Logic FontCreator 15.0.0.3015. Un archivo de fuente especialmente manipulado puede activar esta vulnerabilidad, lo que puede llevar a la divulgaci\u00f3n de informaci\u00f3n confidencial. Un atacante necesita enga\u00f1ar al usuario para que abra el archivo malicioso y as\u00ed activar esta vulnerabilidad."}], "lastModified": "2025-08-26T16:27:09.163", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:high-logic:fontcreator:15.0.0.3015:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BF5B934-1454-4DA7-856D-2E11B45CEA28"}], "operator": "OR"}]}], "sourceIdentifier": "talos-cna@cisco.com"}