CVE-2025-64786

EUVD-2025-202308
Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain limited unauthorized write access. Exploitation of this issue does not require user interaction.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.3 LOW
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
adobeCNA
3.3 LOW
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Affected Products (NVD)
VendorProductVersion
adobeacrobat
20.001.3005 ≤
𝑥
< 20.005.30838
adobeacrobat_dc
𝑥
< 25.001.20997
adobeacrobat_reader
20.001.3005 ≤
𝑥
< 20.005.30838
adobeacrobat_reader_dc
𝑥
< 25.001.20997
adobeacrobat
24.001.20604 ≤
𝑥
< 24.001.30307
adobeacrobat
24.001.20604 ≤
𝑥
< 24.001.30308
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://helpx.adobe.com/security/products/acrobat/apsb25-119.html