Severity
Medium
Analysis Summary
CVE-2025-47112 CVSS:5.5
Acrobat Reader versions are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43573 CVSS:7.8
Acrobat Reader versions are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43574 CVSS:7.8
Acrobat Reader versions are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-43575 CVSS:7.8
Acrobat Reader versions are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Impact
- Code Execution
Indicators of Compromise
CVE
CVE-2025-47112
CVE-2025-43573
CVE-2025-43574
CVE-2025-43575
Affected Vendors
- Adobe
Affected Products
- Adobe Acrobat Reader - 25.001.20521
Remediation
Refer to the Adobe Security Advisory for patch, upgrade, or suggested workaround information.