November 10, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Microsoft Windows Products Vulnerabilities
November 7, 2025Elastic Defend Vulnerability Allows Windows Privilege Escalation
November 10, 2025Multiple Microsoft Windows Products Vulnerabilities
November 7, 2025Elastic Defend Vulnerability Allows Windows Privilege Escalation
November 10, 2025
Severity
Medium
Analysis Summary
CVE-2025-61806 CVSS:7.8
Adobe Substance 3D Stager could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds read error. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to execute code on the system with the privileges of the victim or cause the application to crash.
CVE-2025-54275 CVSS:5.5
Adobe Substance 3D Viewer is vulnerable to a denial of service, caused by an out-of-bounds write error. By persuading a victim to open a specially crafted document, an attacker could exploit this vulnerability to cause the application to crash.
Impact
- Code Execution
- Denial of Service
Indicators of Compromise
CVE
CVE-2025-61806
CVE-2025-54275
Affected Vendors
- Adobe
Affected Products
- Adobe Substance 3D Stager 3.1.4
- Adobe Substance 3D Viewer 0.25.2
Remediation
Refer to Adobe Security Bulletin for patch, upgrade or suggested workaround information.