Critical Adobe Acrobat Reader Vulnerabilities Expose Users to Arbitrary Code Execution and Security Bypass
Adobe has recently released a security bulletin addressing multiple vulnerabilities in its Acrobat and Reader software, which could allow attackers to execute arbitrary code and bypass essential security features. These vulnerabilities affect both Windows and macOS platforms and have been assigned a priority rating of 3.
Vulnerability Details:
The identified vulnerabilities include:
– Untrusted Search Path (CWE-426): This critical flaw (CVE-2025-64785) allows for arbitrary code execution and has a CVSS base score of 7.8.
– Out-of-Bounds Read (CWE-125): Another critical vulnerability (CVE-2025-64899) that can lead to arbitrary code execution, also with a CVSS base score of 7.8.
– Improper Verification of Cryptographic Signature (CWE-347): Two moderate vulnerabilities (CVE-2025-64786 and CVE-2025-64787) that could enable security feature bypass, each with a CVSS score of 3.3.
Affected Versions:
The vulnerabilities impact the following versions:
– Acrobat DC (Continuous): Versions 25.001.20982 and earlier on Windows and macOS.
– Acrobat Reader DC (Continuous): Versions 25.001.20982 and earlier on Windows and macOS.
– Acrobat 2024 (Classic 2024): Windows versions 24.001.30264 and earlier; macOS versions 24.001.30273 and earlier.
– Acrobat 2020 (Classic 2020): Windows versions 20.005.30793 and earlier; macOS versions 20.005.30803 and earlier.
– Acrobat Reader 2020 (Classic 2020): Windows versions 20.005.30793 and earlier; macOS versions 20.005.30803 and earlier.
Exploitation Mechanism:
Attackers can exploit these vulnerabilities by crafting malicious PDF files that, when opened by an unsuspecting user, trigger the execution of arbitrary code or bypass security features. The critical vulnerabilities, particularly those allowing arbitrary code execution, pose a significant risk as they can lead to unauthorized access and control over affected systems.
Mitigation Steps:
Adobe strongly recommends that users and organizations update to the latest versions of Acrobat and Reader to mitigate these vulnerabilities. Users can update their software by navigating to Help > Check for Updates within the application. For those with automatic updates enabled, the patches will be applied without manual intervention.
The updated versions addressing these vulnerabilities are:
– Acrobat DC and Reader DC: Version 25.001.20997.
– Acrobat 2024: Version 24.001.30307 for Windows and 24.001.30308 for macOS.
– Acrobat 2020: Version 20.005.30838 for both Windows and macOS.
IT administrators are advised to deploy these updates using their preferred methods, such as AIP-GPO, bootstrapper, or SCCM for Windows environments.
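For administrators checking a fleet against the version thresholds above, the following is an added example (not Adobe's code and not part of the bulletin) that classifies each installed build as affected or patched; the mapping from the leading version component to product track and the inventory records it reads are assumptions constructed for the example.

```python
# Highest affected build and first fixed build per (track, OS), as listed in the bulletin.
ADVISORY = {
    ("dc", "windows"): ("25.001.20982", "25.001.20997"),
    ("dc", "macos"): ("25.001.20982", "25.001.20997"),
    ("classic2024", "windows"): ("24.001.30264", "24.001.30307"),
    ("classic2024", "macos"): ("24.001.30273", "24.001.30308"),
    ("classic2020", "windows"): ("20.005.30793", "20.005.30838"),
    ("classic2020", "macos"): ("20.005.30803", "20.005.30838"),
}
# Assumption (not stated in the bulletin): the leading version component identifies
# the track (25 = DC Continuous, 24 = Classic 2024, 20 = Classic 2020).
TRACK_BY_MAJOR = {25: "dc", 24: "classic2024", 20: "classic2020"}

def parse_version(text):
    """Turn '25.001.20982' into (25, 1, 20982) so builds compare numerically."""
    parts = tuple(int(p) for p in text.strip().split("."))
    if len(parts) != 3:
        raise ValueError(f"unexpected Acrobat version format: {text!r}")
    return parts

def assess(version, os_name):
    """Return ('affected'|'patched'|'unknown', first fixed build or None)."""
    v = parse_version(version)
    key = (TRACK_BY_MAJOR.get(v[0]), os_name.strip().lower())
    if key not in ADVISORY:
        return "unknown", None  # track/OS pair the bulletin does not cover
    last_bad, first_good = ADVISORY[key]
    status = "affected" if v <= parse_version(last_bad) else "patched"
    return status, first_good

# Constructed inventory lines (hostname,os,installed version); not real hosts.
INVENTORY = """\
ws-101,windows,25.001.20982
mac-07,macos,25.001.20997
ws-230,windows,24.001.30264
mac-12,macos,24.001.30308
ws-415,windows,20.005.30793
lab-01,windows,23.006.20360
"""

def affected_hosts(inventory_csv):
    """List (host, version, fixed build) for every host still on an affected build."""
    hits = []
    for line in inventory_csv.strip().splitlines():
        host, os_name, version = line.split(",")
        status, fixed = assess(version, os_name)
        if status == "affected":
            hits.append((host, version, fixed))
    return hits
```

Hosts reported as `unknown` (a track the bulletin does not list) should be reviewed by hand rather than treated as patched.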
Current Threat Landscape:
As of now, Adobe reports no known exploits targeting these vulnerabilities in the wild. However, given the critical nature of these flaws and their potential for remote execution, prompt patching is essential to prevent potential compromise.
Conclusion:
The discovery of these vulnerabilities underscores the importance of maintaining up-to-date software to protect against emerging threats. Users and organizations should prioritize updating all affected Acrobat installations to safeguard their systems from potential attacks.