CVE-2025-27158

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-27158
Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS

No CVSS.

References
Link Resource
https://helpx.adobe.com/security/products/acrobat/apsb25-14.html Vendor Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2135 Technical Description Third Party Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
History

28 Apr 2025, 16:48

Type Values Removed Values Added
References () https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2135 - () https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2135 - Technical Description, Third Party Advisory
References () https://helpx.adobe.com/security/products/acrobat/apsb25-14.html - () https://helpx.adobe.com/security/products/acrobat/apsb25-14.html - Vendor Advisory
CPE cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*
First Time Adobe acrobat Reader
Adobe acrobat Reader Dc
Adobe
Adobe acrobat
Microsoft windows
Apple macos
Apple
Adobe acrobat Dc
Microsoft

12 Mar 2025, 14:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.8 		v2 : unknown
v3 : unknown
References
  • () https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2135 -
CWE CWE-824

11 Mar 2025, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-03-11 18:15

Updated : 2025-04-28 16:48

NVD link : CVE-2025-27158

Mitre link : CVE-2025-27158

JSON object : View

Products Affected

adobe

  • acrobat_dc
  • acrobat
  • acrobat_reader
  • acrobat_reader_dc

apple

  • macos

microsoft

  • windows
CWE

No CWE.