Request a Demo
Rewterz
Multiple Fortinet Products Vulnerabilities
March 18, 2025
Rewterz
TP-Link Vulnerability Exploited by Hackers for Root Access
March 18, 2025

Multiple Adobe Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-27168 CVSS:7.8

Adobe Illustrator affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-24450 CVSS:7.8

Adobe Substance3D - Painter affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-24451 CVSS:7.8

Adobe Substance3D - Painter affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-24452 CVSS:7.8

Adobe InDesign Desktop affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-24453 CVSS:7.8

Adobe InDesign Desktop affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-27166 CVSS:7.8

Adobe InDesign Desktop affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-27171 CVSS:7.8

Adobe InDesign Desktop affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-27175 CVSS:7.8

Adobe InDesign Desktop affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-27177 CVSS:7.8

Adobe InDesign Desktop affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-27176 CVSS:5.5

Adobe InDesign Desktop affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-27178 CVSS:7.8

Adobe InDesign Desktop affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-27179 CVSS:5.5

Adobe InDesign Desktop affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-27172 CVSS:7.8

Adobe Substance3D - Designer affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Impact

  • Denial of Service
  • Buffer Overflow
  • Code Execution

Indicators of Compromise

CVE

  • CVE-2025-27168

  • CVE-2025-24450

  • CVE-2025-24451

  • CVE-2025-24452

  • CVE-2025-24453

  • CVE-2025-27166

  • CVE-2025-27171

  • CVE-2025-27175

  • CVE-2025-27177

  • CVE-2025-27176

  • CVE-2025-27178

  • CVE-2025-27179

  • CVE-2025-27172

Affected Vendors

  • Adobe

Affected Products

  • Adobe Illustrator 29.2.1
  • Adobe Illustrator 28.7.4
  • Adobe Substance3D - Designer 14.1
  • Adobe Substance3D - Painter 10.1.2
  • Adobe InDesign Desktop ID20.1
  • Adobe InDesign Desktop ID19.5.2

Remediation

Refer to Adobe Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2025-27168

CVE-2025-24450

CVE-2025-24451

CVE-2025-24452

CVE-2025-24453

CVE-2025-27166

CVE-2025-27171

CVE-2025-27175

CVE-2025-27177

CVE-2025-27176

CVE-2025-27178

CVE-2025-27179

CVE-2025-27172