4

CVE-2025-64786

Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain limited unauthorized write access. Exploitation of this issue does not require user interaction.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeAcrobat SwEditionclassic Version >= 20.001.3005 < 20.005.30838
AdobeAcrobat Dc SwEditioncontinuous Version < 25.001.20997
AdobeAcrobat Reader SwEditionclassic Version >= 20.001.3005 < 20.005.30838
AdobeAcrobat Reader Dc SwEditioncontinuous Version < 25.001.20997
AdobeAcrobat SwEditionclassic Version >= 24.001.20604 < 24.001.30307
   MicrosoftWindows Version-
AdobeAcrobat SwEditionclassic Version >= 24.001.20604 < 24.001.30308
   ApplemacOS Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.02% 0.039
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 2.5 1.4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
psirt@adobe.com 3.3 1.8 1.4
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CWE-347 Improper Verification of Cryptographic Signature

The product does not verify, or incorrectly verifies, the cryptographic signature for data.