Denial of Service Vulnerability in Assimp Software by Asset Import Library
CVE-2025-70069

7.5HIGH

Key Information:

Vendor

Assimp

Status
Assimp
Vendor
CVE Published:
4 May 2026

What is CVE-2025-70069?

An issue in version 6.0.2 of the Assimp library allows remote attackers to trigger a denial of service through the FBXConverter functionality, specifically within the ConvertMeshMultiMaterial() method. Exploiting this vulnerability could result in disruptions and potential resource exhaustion.

References

http://assimp.com
https://gist.github.com/GunP4ng/9080ae7f0470c889a59cc3bfc...

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.