June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Cobalt Strike Malware – Active IOCs
January 21, 2025
Multiple Cisco Products Vulnerabilities
January 21, 2025
Cobalt Strike Malware – Active IOCs
January 21, 2025
Multiple Cisco Products Vulnerabilities
January 21, 2025
Severity
High
Analysis Summary
CVE-2025-21136 CVSS:7.8
Adobe Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-21138 CVSS:7.8
Adobe Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-21139 CVSS:7.8
Adobe Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-21137 CVSS:7.8
Adobe Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-21135 CVSS:7.8
Adobe Animate versions 24.0.6, 23.0.9 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-21134 CVSS:7.8
Adobe Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-21133 CVSS:7.8
Adobe Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Impact
- Buffer Overflow
- Code Execution
Indicators of Compromise
CVE
CVE-2025-21136
CVE-2025-21138
CVE-2025-21139
CVE-2025-21137
CVE-2025-21135
CVE-2025-21134
CVE-2025-21133
Affected Vendors
Adobe
Affected Products
- Adobe Substance3D - Designer versions 14.0
- Adobe Animate versions 24.0.6
- Adobe Animate versions 23.0.9
- Adobe Illustrator on iPad versions 3.0.7
Remediation
Refer to Adobe Security Advisory for patch, upgrade, or suggested workaround information.
