Request a Demo
Rewterz
North Korean APT Kimsuky aka Black Banshee – Active IOCs
July 16, 2025
Rewterz
Multiple Oracle Products Vulnerabilities
July 16, 2025

Multiple Adobe Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-47125 CVSS:7.8

Adobe Framemaker is vulnerable to a heap-based buffer overflow. By persuading a victim to open a specially crafted document, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

CVE-2025-47123 CVSS:7.8

Adobe Framemaker is vulnerable to a heap-based buffer overflow. By persuading a victim to open a specially crafted document, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

CVE-2025-47132 CVSS:7.8

Adobe Framemaker could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

CVE-2025-49528 CVSS:7.8

Adobe Illustrator is vulnerable to a stack-based buffer overflow. By persuading a victim to open a specially crafted document, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

CVE-2025-49531 CVSS:7.8

Adobe Illustrator could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflow error. By persuading a victim to open a specially crafted document, an attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

CVE-2025-49527 CVSS:7.8

Adobe Illustrator is vulnerable to a stack-based buffer overflow. By persuading a victim to open a specially crafted document, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

CVE-2025-49532 CVSS:7.8

Adobe Illustrator could allow a remote attacker to execute arbitrary code on the system, caused by an integer underflow error. By persuading a victim to open a specially crafted document, an attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

CVE-2025-49529 CVSS:7.8

Adobe Illustrator could allow a remote attacker to execute arbitrary code on the system, caused by an access of uninitialized pointer error. By persuading a victim to open a specially crafted document, an attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

Impact

  • Code Execution
  • Buffer Overflow
  • Gain Access

Indicators of Compromise

CVE

  • CVE-2025-47125
  • CVE-2025-47123
  • CVE-2025-47132
  • CVE-2025-49528
  • CVE-2025-49531
  • CVE-2025-49527
  • CVE-2025-49532
  • CVE-2025-49529

Affected Vendors

  • Adobe

Affected Products

  • Adobe Framemaker 2022 - Rel Update 6
  • Adobe Framemaker 2020 - Rel Update 8
  • Adobe Illustrator - 29.5.1
  • Adobe Illustrator - 28.7.6

Remediation

Refer to Adobe Security Bulletin for patch, upgrade or suggested workaround information.

CVE-2025-47125

CVE-2025-47123

CVE-2025-47132

CVE-2025-49528

CVE-2025-49531

CVE-2025-49527

CVE-2025-49532

CVE-2025-49529