ByteOS Network

NVD Vulnerability Details :

CVE-2025-20001

Analyzed

Source-talos-cna@cisco.com

Published At-02 Jun, 2025 | 15:15

Updated At-26 Aug, 2025 | 16:27

An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this vulnerability which can lead to disclosure of sensitive information. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	3.1	6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CPE Matches

high-logic>>fontcreator>>15.0.0.3015

cpe:2.3:a:high-logic:fontcreator:15.0.0.3015:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-125	Secondary	talos-cna@cisco.com

References

Hyperlink	Source	Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2157	talos-cna@cisco.com	Exploit Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2157	af854a3a-2127-422b-91ae-364da2661108	Exploit Third Party Advisory

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History