anonhaven
Ad

CVE-2019-25555

MEDIUM CVSS 4.0: 6.9 EPSS 0.02%
Updated Mar 24, 2026
Pixarra
Parameter Value
CVSS 6.9 (MEDIUM)
Type CWE-131
Vendor Pixarra
Public PoC Yes

TwistedBrush Pro Studio 24.06 contains a denial of service vulnerability in the Script Recorder component that allows local attackers to crash the application by supplying an excessively large buffer. Attackers can paste a malicious string containing 500,000 characters into the Description field of the Script Recorder dialog to trigger an application crash.

Attack Parameters

Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Attack Requirements
None
No additional conditions
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
None
No data leak
Integrity
None
No data modification
Availability
High
Complete denial of service

CVSS Vector v4.0

Weakness Type (CWE)

CWE-131

Vulnerable Products 1

Configuration From (including) Up to (excluding)
Pixarra Twistedbrush_Pro_Studio
cpe:2.3:a:pixarra:twistedbrush_pro_studio:24.06:*:*:*:*:*:*:*

References 3

http://www.pixarra.com
disclosure@vulncheck.com
https://www.exploit-db.com/exploits/46844
disclosure@vulncheck.com
https://www.vulncheck.com/advisories/twistedbrush-pro-studio-script-recorder-de…
disclosure@vulncheck.com
Share Post Share Share Share

Related Vulnerabilities

CVE-2019-25625

Blob

6.9

CVE-2019-25624

Liquid

6.9

CVE-2019-25623

Luminance

6.9

CVE-2019-25622

Paint

6.9

CVE-2019-25621

Pixel

6.9