- Description
- Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25210.
- Source
- zdi-disclosures@trendmicro.com
- NVD status
- Received
CVSS 3.0
- Type
- Secondary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- zdi-disclosures@trendmicro.com
- CWE-457
- Hype score
- Not currently trending
Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability (CVE-2025-2024) #CVE20252024 #CyberSecurity #RemoteCodeExecutionVulnerability #Trimble https://t.co/YdyyDQ3qtG https://t.co/Ky3KFqzGYP
@SystemTek_UK
9 Mar 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
๐จ CVE-2025-2024 ๐ด HIGH (7.8) ๐ข Trimble - SketchUp ๐๏ธ 2024-0-484-191 ๐ https://t.co/gBtp5bDKXu #CyberCron #VulnAlert #InfoSec https://t.co/4gty6mSAsF
@cybercronai
8 Mar 2025
198 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
1 Quote
CVE-2025-2024 03/07/2025 08:15:39 PM BaseSeverity: HIGH Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code o... https://t.co/skApmIXfgH
@CVETracker
8 Mar 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-2024 Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on afโฆ https://t.co/aeyXNxAklp
@CVEnew
8 Mar 2025
61 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes