TwistedBrush Pro Studio Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in TwistedBrush Pro Studio version 24.06. This vulnerability allows local attackers to crash the application by importing a malformed .srp script file. The issue arises when an .srp file containing an excessively large buffer is imported through the Script Player interface, leading to an application crash.
Impact
Exploitation of this vulnerability causes the application to crash, disrupting any ongoing work or processes.
Reproduction
To reproduce this vulnerability, create an .srp file containing a buffer of approximately 500,000 bytes, for example with a Python script that writes the buffer to a file named 'sample.srp'. Then open TwistedBrush Pro Studio, navigate to the 'Script Player' interface, and import 'sample.srp'. The application crashes when it opens the file.
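A pre-import screen for .srp files, as an added example that is not part of the original advisory or the vendor's code: it flags scripts whose size or longest unbroken line is far beyond what a hand-written script would contain. The thresholds, the function names and the sample file contents are assumptions, since the advisory does not describe the .srp format.

```python
import os
import tempfile

# Assumed thresholds, not vendor values: tune them against your own known-good scripts.
MAX_LINE_BYTES = 64 * 1024          # longest single line tolerated
MAX_FILE_BYTES = 5 * 1024 * 1024    # largest script file tolerated
CHUNK = 64 * 1024


def longest_line(path):
    """Return the longest line in bytes, streaming so a huge file is never held in memory."""
    longest = current = 0
    with open(path, "rb") as fh:
        while chunk := fh.read(CHUNK):
            parts = chunk.split(b"\n")
            current += len(parts[0])      # continues the line carried over from the last chunk
            for part in parts[1:]:        # each further part means a newline closed a line
                longest = max(longest, current)
                current = len(part)
    return max(longest, current)


def screen_srp(root):
    """Return [(path, reason)] for .srp files under root that exceed the thresholds."""
    flagged = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            if not name.lower().endswith(".srp"):
                continue
            path = os.path.join(dirpath, name)
            size = os.path.getsize(path)
            if size > MAX_FILE_BYTES:
                flagged.append((path, f"file size {size} bytes"))
            elif (line := longest_line(path)) > MAX_LINE_BYTES:
                flagged.append((path, f"line of {line} bytes"))
    return flagged


def demo():
    """Constructed samples: a small script and one with a 500,000-byte unbroken field."""
    with tempfile.TemporaryDirectory() as tmp:
        with open(os.path.join(tmp, "ok.srp"), "wb") as fh:
            fh.write(b"step one\nstep two\n")        # placeholder text, not real .srp syntax
        with open(os.path.join(tmp, "big.srp"), "wb") as fh:
            fh.write(b"header\n" + b"\x00" * 500_000 + b"\n")
        return [(os.path.basename(p), r) for p, r in screen_srp(tmp)]
```

Run `screen_srp()` over a download or shared-scripts folder before anything in it is opened in Script Player, and review flagged files by hand rather than importing them.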
