#VU114396 Access of Uninitialized Pointer in Imaris Viewer - CVE-2025-9274
Published: August 25, 2025
Vulnerability identifier: #VU114396
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2025-9274
CWE-ID: CWE-824
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Imaris Viewer
Software vendor:
Oxford Instruments
Description
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to a boundary error when handling untrusted data. A remote attacker can trick the victim into opening a specially crafted IMS file, trigger access to an uninitialized pointer and execute arbitrary code on the system.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.