Cert-In-Advisories

[CIVN-2025-0173] Multiple Vulnerabilities in Adobe Products

By TeamwinPublished On: August 14, 2025

—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Multiple Vulnerabilities in Adobe Products

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: HIGH

Software Affected

Adobe Commerce versions

2.4.9-alpha1

2.4.8-p1 and earlier.

2.4.7-p6 and earlier.

2.4.6-p11 and earlier.

2.4.5-p13 and earlier.

2.4.4-p14 and earlier.

Adobe Commerce B2B versions

1.5.3-alpha1

1.5.2-p1 and earlier.

1.4.2-p6 and earlier.

1.3.5-p11 and earlier.

1.3.4-p13 and earlier.

1.3.3-p14 and earlier.

Magento Open Source versions

2.4.9-alpha1

2.4.8-p1 and earlier.

2.4.7-p6 and earlier.

2.4.6-p11 and earlier.

2.4.5-p13 and earlier.

Adobe Substance 3D Viewer 0.25 and earlier versions

Adobe Animate 2023 23.0.12 and earlier versions for Windows and macOS

Adobe Animate 2024 24.0.09 and earlier versions for Windows and macOS

Adobe Illustrator 2025 29.6.1 and earlier versions for Windows and macOS

Adobe Illustrator 2024 28.7.8 and earlier versions for Windows and macOS

Adobe Photoshop 2025 26.8 and earlier versions for Windows and macOS

Adobe Photoshop 2024 25.12.3 and earlier versions for Windows and macOS

Adobe Substance 3D Modeler 1.22.0 and earlier versions

Adobe Substance 3D Painter 11.0.2 and earlier versions

Adobe Substance 3D Sampler 5.0.3 and earlier versions

Adobe InDesign ID20.4 and earlier versions for Windows and macOS

Adobe InDesign ID19.5.4 and earlier versions for Windows and macOS

Adobe InCopy 20.4 and earlier versions for Windows and macOS

Adobe InCopy¿ 19.5.4 and earlier versions for Windows and macOS

Adobe Substance 3D Stager 3.1.3 and earlier versions for Windows and macOS

Adobe FrameMaker 2020 Release Update 8 and earlier versions for windows

Adobe FrameMaker 2022 Release Update 6 and earlier versions for windows

Adobe Dimension 4.1.3 and earlier versions for Windows and macOS

Overview

Multiple Vulnerabilities have been reported in Adobe products which could be exploited by an attacker to bypass security restrictions, execute arbitrary code, gain elevated privileges, gain access to sensitive information, or cause denial of Service condition on the targeted system.

Target Audience:

System administrators, Security teams or end-users of Adobe creative software products.

Risk Assessment:

High risk unauthorized access to sensitive data and system instability.

Impact Assessment:

Potential for data theft, remote code execution and system crash.

Description

Multiple vulnerabilities exist in Adobe products due to memory corruption, incorrect authorization and other issues.

Successful exploitation of these vulnerabilities could allow an attacker to bypass security restrictions, execute arbitrary code, gain elevated privileges, gain access to sensitive information, or cause denial of Service condition on the targeted system.

Solution

Apply appropriate updates as mentioned in the Adobe Security Bulletin.

https://helpx.adobe.com/security/products/magento/apsb25-71.html

https://helpx.adobe.com/security/products/substance3d-viewer/apsb25-72.html

https://helpx.adobe.com/security/products/animate/apsb25-73.html

https://helpx.adobe.com/security/products/illustrator/apsb25-74.html

https://helpx.adobe.com/security/products/photoshop/apsb25-75.html

https://helpx.adobe.com/security/products/substance3d-modeler/apsb25-76.html

https://helpx.adobe.com/security/products/substance3d_painter/apsb25-77.html

https://helpx.adobe.com/security/products/substance3d-sampler/apsb25-78.html

https://helpx.adobe.com/security/products/indesign/apsb25-79.html

https://helpx.adobe.com/security/products/incopy/apsb25-80.html

https://helpx.adobe.com/security/products/substance3d_stager/apsb25-81.html

https://helpx.adobe.com/security/products/framemaker/apsb25-83.html

https://helpx.adobe.com/security/products/dimension/apsb25-84.html

Vendor Information

Adobe

https://helpx.adobe.com/security.html

References