Out-of-Bounds Read Vulnerability in High-Logic FontCreator
CVE-2025-20001

6.5MEDIUM

Key Information:

Vendor: High-logic
Status: Fontcreator
Vendor: CVE Published:; 2 June 2025

What is CVE-2025-20001?

An out-of-bounds read vulnerability is present in High-Logic FontCreator version 15.0.0.3015, allowing an attacker to exploit a specially crafted font file. This vulnerability can result in the disclosure of sensitive information if a user is tricked into opening the compromised file. Mitigating this issue is essential to protect users from potential exploitation.

Affected Version(s)

FontCreator 15.0.0.3015

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2025
Vulnerability Reserved
Mar 17, 2025

Credit

Discovered by KPC of Cisco Talos.