Primary

Context

Adobe After Effects Out-of-Bounds Read Vulnerability Allowing Memory Disclosure

Vulnerability

Patched

A vulnerability allowing out-of-bounds read has been identified in Adobe After Effects versions 25.2, 24.6.6 and earlier. This vulnerability could lead to the disclosure of sensitive memory. An attacker might exploit this issue to bypass mitigations like Address Space Layout Randomization (ASLR). Exploitation requires user interaction, as a victim must open a malicious file.

Impact

Exploitation of this vulnerability could result in a memory leak and allow for the unauthorized disclosure of sensitive information from memory.

Remediation

Users are advised to update to Adobe After Effects version 24.6.7 or 25.3. These updates are available through the Adobe Download Center. For IT administrators, Creative Cloud applications can be deployed to end users via the Admin Console.

Added: Jul 8, 2025, 10:46 PM

Updated: Jul 8, 2025, 10:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

4.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.4

impact

2.5

exploitability

4.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Adobe After Effects Out-of-Bounds Read Vulnerability Allowing Memory Disclosure

Vulnerability

Impact

Remediation

Affected Products

Adobe After Effects

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating