Cert-In-Advisories

[CIVN-2025-0209] Multiple Vulnerabilities in Adobe Products

By TeamwinPublished On: September 12, 2025

—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Multiple Vulnerabilities in Adobe Products

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: HIGH

Software Affected

Acrobat DC Win 25.001.20672 and earlier versions for Windows and macOS

Acrobat DC Mac 25.001.20668 and earlier versions for Windows and macOS

Acrobat Reader DC Win 25.001.20672 and earlier versions for Windows and macOS

Acrobat Reader DC Mac 25.001.20668 and earlier versions for Windows and macOS

Acrobat 2024 Win & Mac – 24.001.30254 and earlier versions for Windows and macOS

Acrobat 2020 Win & Mac – 20.005.30774 and earlier versions for Windows and macOS

Acrobat Reader 2020 Win & Mac – 20.005.30774 and earlier versions for Windows and macOS

Adobe After Effects 24.6.7 and¿earlier versions for Windows and macOS

Adobe After Effects 25.3 and¿earlier versions for Windows and macOS

Adobe Premiere Pro 25.3 and earlier versions¿for Windows and macOS

Adobe Premiere Pro 24.6.5 and earlier versions for Windows and macOS

Adobe Commerce¿

2.4.9-alpha2 and earlier

2.4.8-p2 and earlier

2.4.7-p7 and earlier

2.4.6-p12 and earlier

2.4.5-p14 and earlier

2.4.4-p15 and earlier

Adobe Commerce B2B

1.5.3-alpha2 and earlier

1.5.2-p2 and earlier

1.4.2-p7 and earlier

1.3.4-p14 and earlier

1.3.3-p15 and earlier

Magento Open Source

2.4.9-alpha2 and earlier

2.4.8-p2 and earlier

2.4.7-p7 and earlier

2.4.6-p12 and earlier

2.4.5-p14 and earlier

Adobe Substance 3D Viewer 0.25.1 and earlier versions

Adobe Experience Manager (AEM) Cloud Service (CS)

Adobe Experience Manager (AEM) 6.5 LTS SP1 and earlier versions

Adobe Experience Manager (AEM) 6.5.23 and earlier versions

Adobe Dreamweaver 21.5 and earlier versions¿for Windows and macOS

Adobe Substance 3D Modeler 1.22.2 and earlier versions

Adobe ColdFusion 2025 Update 3 and earlier versions

Adobe ColdFusion 2023 Update 15 and earlier versions

Adobe ColdFusion 2021 Update 21 and earlier versions

Overview

Multiple Vulnerabilities have been reported in Adobe products which could be exploited by an attacker to bypass security restrictions, execute arbitrary code or gain access to sensitive information on the targeted system.

Target Audience:

System administrators, Security teams or end-users of Adobe software products.

Impact Assessment:

Potential for data theft, remote code execution or system compromise.

Description

Multiple vulnerabilities exist in Adobe products due to Out-of-bounds Read, Use after Free, Improper Input Validation and other issues.

Successful exploitation of these vulnerabilities could allow an attacker to bypass security restrictions, execute arbitrary code or gain access to sensitive information on the targeted system.

Solution

Apply appropriate updates as mentioned in the Adobe Security Bulletin.

https://helpx.adobe.com/security.html/security/security-bulletin.html

Vendor Information

Adobe

https://helpx.adobe.com/security.html/security/security-bulletin.html

https://helpx.adobe.com/security/products/acrobat/apsb25-85.html

https://helpx.adobe.com/security/products/after_effects/apsb25-86.html

https://helpx.adobe.com/security/products/premiere_pro/apsb25-87.html

https://helpx.adobe.com/security/products/magento/apsb25-88.html

https://helpx.adobe.com/security/products/substance3d-viewer/apsb25-89.html

https://helpx.adobe.com/security/products/experience-manager/apsb25-90.html

https://helpx.adobe.com/security/products/dreamweaver/apsb25-91.html

https://helpx.adobe.com/security/products/substance3d-modeler/apsb25-92.html

https://helpx.adobe.com/security/products/coldfusion/apsb25-93.html

References