Request a Demo
Rewterz
Cobalt Strike Malware – Active IOCs
January 21, 2025
Rewterz
Multiple Cisco Products Vulnerabilities
January 21, 2025

Multiple Adobe Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-21136 CVSS:7.8

Adobe Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-21138 CVSS:7.8

Adobe Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-21139 CVSS:7.8

Adobe Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-21137 CVSS:7.8

Adobe Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-21135 CVSS:7.8

Adobe Animate versions 24.0.6, 23.0.9 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-21134 CVSS:7.8

Adobe Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2025-21133 CVSS:7.8

Adobe Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Impact

  • Buffer Overflow
  • Code Execution

Indicators of Compromise

CVE

  • CVE-2025-21136

  • CVE-2025-21138

  • CVE-2025-21139

  • CVE-2025-21137

  • CVE-2025-21135

  • CVE-2025-21134

  • CVE-2025-21133

Affected Vendors

Adobe

Affected Products

  • Adobe Substance3D - Designer versions 14.0
  • Adobe Animate versions 24.0.6
  • Adobe Animate versions 23.0.9
  • Adobe Illustrator on iPad versions 3.0.7

Remediation

Refer to Adobe Security Advisory for patch, upgrade, or suggested workaround information.

Adobe Substance3D - Designer

Adobe Animate

Adobe Illustrator