CVE-2025-20001
MEDIUMHigh-Logic FontCreator <15.0.0.3015 - Info Disclosure
Title source: llmDescription
An out-of-bounds read vulnerability exists in High-Logic FontCreator 15.0.0.3015. A specially crafted font file can trigger this vulnerability which can lead to disclosure of sensitive information. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability.
References (2)
Core 2
Core References
Exploit, Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2157
Exploit, Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2157
Scores
CVSS v3
6.5
EPSS
0.0035
EPSS Percentile
57.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-125
Status
published
Products (1)
high-logic/fontcreator
15.0.0.3015
Published
Jun 02, 2025
Tracked Since
Feb 18, 2026