Primary

Context

Adobe Connect Incorrect Authorization Vulnerability Leading to Arbitrary Code Execution

Vulnerability

Patched

A vulnerability allowing incorrect authorization has been identified in the Adobe Connect Desktop Application, specifically in versions through 2025.8.157 and 2025.9.15. This vulnerability could lead to arbitrary code execution within the context of the current user. An attacker might exploit this issue to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session. Exploitation requires user interaction, as a victim must visit a maliciously crafted URL or engage with a compromised web page.

Impact

Exploitation of this vulnerability could result in arbitrary code execution in the context of the user.

Remediation

Users are advised to update to Adobe Connect version 2026.3.125 for Windows or 2026.01.39 for macOS.

Added: May 12, 2026, 9:10 PM

Updated: May 12, 2026, 9:10 PM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

1.3

exploitability

6.4

remediation

7.7

relevance

8.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

1.3

exploitability

6.4

remediation

7.7

relevance

8.1

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Adobe Connect Incorrect Authorization Vulnerability Leading to Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

Adobe Connect

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating