Request a Demo
Rewterz
Multiple Oracle Products Vulnerabilities
July 17, 2025
Rewterz
Critical Cisco ISE Flaw Lets Attackers Gain Root Access Remotely
July 17, 2025

Multiple Adobe Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-49530 CVSS:7.8

Adobe Illustrator could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially crafted document, an attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

CVE-2025-49526 CVSS:7.8

Adobe Illustrator could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially crafted document, an attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

CVE-2025-43591 CVSS:7.8

Adobe InDesign is vulnerable to a heap-based buffer overflow. By persuading a victim to open a specially crafted document, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

CVE-2025-43592 CVSS:7.8

Adobe InDesign could allow a remote attacker to execute arbitrary code on the system, caused by an access of uninitialized pointer error. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to execute code on the system with the privileges of the victim or cause the application to crash.

CVE-2025-43594 CVSS:7.8

Adobe InDesign could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to execute code on the system with the privileges of the victim or cause the application to crash.

CVE-2025-47134 CVSS:7.8

Adobe InDesign is vulnerable to a heap-based buffer overflow. By persuading a victim to open a specially crafted document, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

CVE-2025-47136 CVSS:7.8

Adobe InDesign could allow a remote attacker to execute arbitrary code on the system, caused by an integer underflow error. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to execute code on the system with the privileges of the victim or cause the application to crash.

Impact

  • Code Execution
  • Buffer Overflow
  • Gain Access

Indicators of Compromise

CVE

  • CVE-2025-49530
  • CVE-2025-49526
  • CVE-2025-43591
  • CVE-2025-43592
  • CVE-2025-43594
  • CVE-2025-47134
  • CVE-2025-47136

Affected Vendors

  • Adobe

Affected Products

  • Adobe Illustrator - 29.5.1
  • Adobe Illustrator - 28.7.6
  • Adobe InDesign - ID19.5.3
  • Adobe InDesign - ID20.3

Remediation

Upgrade to the latest version, available from the Adobe Website.

CVE-2025-49530

CVE-2025-49526

CVE-2025-43591

CVE-2025-43592

CVE-2025-43594

CVE-2025-47134

CVE-2025-47136