Adobe Acrobat and Reader Out-of-Bounds Read Vulnerability Allowing Arbitrary Code Execution

Vulnerability

An out-of-bounds read vulnerability has been identified in Adobe Acrobat and Reader. It affects versions through 25.001.20982, as well as specific earlier versions of Acrobat 2024 and Acrobat 2020. The vulnerability arises when the applications parse crafted files, which leads to a read past the end of an allocated memory structure. An attacker could exploit it to execute code in the context of the current user. Exploitation requires user interaction: the victim must open a malicious file.

Impact

Successful exploitation of this vulnerability could lead to arbitrary code execution in the context of the user.

Remediation

Users are advised to update to the latest versions of Adobe Acrobat or Reader. The latest versions can be downloaded from the Adobe website or via the Adobe Update mechanism. For IT administrators, updates can be deployed using preferred methods such as SCCM or Apple Remote Desktop.

Added: Dec 9, 2025, 9:39 PM
Updated: Dec 9, 2025, 9:39 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 4.4
remediation: 7.7
relevance: 1.4
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.