April 23, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Multiple Fortinet Products Vulnerabilities
March 18, 2025TP-Link Vulnerability Exploited by Hackers for Root Access
March 18, 2025Multiple Fortinet Products Vulnerabilities
March 18, 2025TP-Link Vulnerability Exploited by Hackers for Root Access
March 18, 2025
Severity
High
Analysis Summary
CVE-2025-27168 CVSS:7.8
Adobe Illustrator affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-24450 CVSS:7.8
Adobe Substance3D - Painter affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-24451 CVSS:7.8
Adobe Substance3D - Painter affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-24452 CVSS:7.8
Adobe InDesign Desktop affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-24453 CVSS:7.8
Adobe InDesign Desktop affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27166 CVSS:7.8
Adobe InDesign Desktop affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27171 CVSS:7.8
Adobe InDesign Desktop affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27175 CVSS:7.8
Adobe InDesign Desktop affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27177 CVSS:7.8
Adobe InDesign Desktop affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27176 CVSS:5.5
Adobe InDesign Desktop affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27178 CVSS:7.8
Adobe InDesign Desktop affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27179 CVSS:5.5
Adobe InDesign Desktop affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-27172 CVSS:7.8
Adobe Substance3D - Designer affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Impact
- Denial of Service
- Buffer Overflow
- Code Execution
Indicators of Compromise
CVE
CVE-2025-27168
CVE-2025-24450
CVE-2025-24451
CVE-2025-24452
CVE-2025-24453
CVE-2025-27166
CVE-2025-27171
CVE-2025-27175
CVE-2025-27177
CVE-2025-27176
CVE-2025-27178
CVE-2025-27179
CVE-2025-27172
Affected Vendors
- Adobe
Affected Products
- Adobe Illustrator 29.2.1
- Adobe Illustrator 28.7.4
- Adobe Substance3D - Designer 14.1
- Adobe Substance3D - Painter 10.1.2
- Adobe InDesign Desktop ID20.1
- Adobe InDesign Desktop ID19.5.2
Remediation
Refer to Adobe Security Advisory for patch, upgrade, or suggested workaround information.
