Skip to main content

Acrobat EUVDEUVD-2025-17827

| CVE-2025-43577 HIGH
Use After Free (CWE-416)
2025-06-10 psirt@adobe.com
7.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 14, 2026 - 19:49 euvd
EUVD-2025-17827
Analysis Generated
Mar 14, 2026 - 19:49 vuln.today
CVE Published
Jun 10, 2025 - 19:15 nvd
HIGH 7.8

DescriptionCVE.org

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

AnalysisAI

Use After Free (UAF) vulnerability in Adobe Acrobat Reader that allows arbitrary code execution with the privileges of the current user. Affected versions include 24.001.30235, 20.005.30763, 25.001.20521 and earlier across multiple release tracks. Exploitation requires user interaction (opening a malicious PDF file), but the high CVSS score of 7.8 and local attack vector indicate significant real-world risk; KEV and active exploitation status should be confirmed from official sources.

Technical ContextAI

This vulnerability is classified as CWE-416 (Use After Free), a memory safety issue where the application continues to reference memory that has been freed by the program. In Adobe Acrobat Reader's PDF parsing engine, this likely occurs during the processing of maliciously crafted PDF objects or embedded content (JavaScript, media, form fields). The UAF condition allows an attacker to overwrite freed memory with controlled data, achieving arbitrary code execution in the context of the Reader process. Affected CPE ranges include Adobe Acrobat Reader DC and continuous release tracks (versions 24.x, 25.x, and legacy 20.x branches), suggesting the vulnerability spans multiple code paths across different maintenance versions and may involve shared PDF processing libraries.

RemediationAI

Immediate actions: (1) Update Adobe Acrobat Reader to versions NEWER than 24.001.30235 (likely 24.002.x or later), newer than 25.001.20521 (likely 25.002.x or later), or newer than 20.005.30763 (if applicable). Check Adobe's official security update page for specific patch versions released after this CVE announcement. (2) Enable automatic updates in Acrobat Reader preferences (Edit > Preferences > Security > Check for Updates). (3) Interim mitigations if immediate patching is not feasible: disable JavaScript execution in PDF files (Edit > Preferences > Security > Enhanced Security), restrict file associations for PDF files to prevent automatic opening, and implement email filtering to block suspicious PDF attachments. (4) User education: advise users to be cautious opening PDF files from untrusted sources, especially unexpected email attachments. (5) Endpoint detection: deploy behavioral monitoring for abnormal process execution spawned from Reader processes (parent: AdobeReader.exe/acroread).

CVE-2013-2730 CRITICAL POC
10.0 May 16

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attacke

CVE-2015-3073 CRITICAL POC
10.0 May 13

Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass inten

CVE-2014-9160 CRITICAL
10.0 May 13

Multiple heap-based buffer overflows in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows

CVE-2013-3356 CRITICAL
10.0 Sep 12

Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attacke

CVE-2013-3353 CRITICAL
10.0 Sep 12

Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attacke

CVE-2016-4203 CRITICAL POC
9.8 Jul 13

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acro

CVE-2013-3351 CRITICAL
10.0 Sep 12

Multiple stack-based buffer overflows in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and M

CVE-2015-7622 CRITICAL POC
10.0 Oct 14

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.

CVE-2013-3358 CRITICAL
10.0 Sep 12

Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attack

CVE-2013-3357 CRITICAL
10.0 Sep 12

Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attack

CVE-2014-0561 CRITICAL
10.0 Sep 17

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X a

CVE-2012-0774 CRITICAL
10.0 Apr 10

Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitra

Share

EUVD-2025-17827 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy