5.5

CVE-2025-43579

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an Information Exposure vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain unauthorized access to sensitive information. Exploitation of this issue does not require user interaction.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Data is provided by the National Vulnerability Database (NVD)
AdobeAcrobat Dc SwEditioncontinuous Version >= 15.008.20082 < 25.001.20531
   MicrosoftWindows Version-
AdobeAcrobat Reader Dc SwEditioncontinuous Version >= 15.008.20082 < 25.001.20531
   MicrosoftWindows Version-
AdobeAcrobat Dc SwEditioncontinuous Version >= 15.008.20082 < 25.001.20529
   ApplemacOS Version-
AdobeAcrobat Reader Dc SwEditioncontinuous Version >= 15.008.20082 < 25.001.20529
   ApplemacOS Version-
AdobeAcrobat SwEditionclassic Version >= 20.001.30002 < 20.005.30774
   ApplemacOS Version-
   MicrosoftWindows Version-
AdobeAcrobat SwEditionclassic Version >= 24.0.0 < 24.001.30254
   ApplemacOS Version-
   MicrosoftWindows Version-
AdobeAcrobat Reader SwEditionclassic Version >= 20.001.30002 < 20.005.30774
   ApplemacOS Version-
   MicrosoftWindows Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.08% 0.246
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
psirt@adobe.com 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.