Out-of-Bounds Write Vulnerability in Oxford Instruments Imaris Viewer
CVE-2025-9275

7.8HIGH

Key Information:

Vendor: Oxford Instruments
Status: Imaris Viewer
Vendor: CVE Published:; 2 September 2025

🔔 Create Oxford Instruments Vulnerability Alert

What is CVE-2025-9275?

A vulnerability has been identified in the Oxford Instruments Imaris Viewer, specifically within its handling of IMS files. The issue arises due to inadequate validation of data supplied by users, leading to potential out-of-bounds writes. This flaw enables remote attackers to execute arbitrary code on the affected system, following user interaction, such as opening a malicious IMS file or visiting a compromised web page. It is crucial for users to be aware of this risk and take the necessary precautions to safeguard their installations.

Affected Version(s)

Imaris Viewer 10.0.1

References

https://www.zerodayinitiative.com/advisories/ZDI-25-854/

x_research-advisory

CVSS V3.0

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 2, 2025
Vulnerability Reserved
Aug 20, 2025