CVE-2025-27158

Published Mar 11, 2025

Last updated 10 hours ago

CVSS high 7.8
Adobe Acrobat Reader

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2025-27158 is an Access of Uninitialized Pointer vulnerability affecting Adobe Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428, and earlier. The vulnerability can lead to arbitrary code execution within the context of the current user. Exploitation of this vulnerability requires user interaction, specifically, a victim must open a maliciously crafted file. An attacker could exploit this to execute arbitrary code within the application by enticing a user to open a specially crafted PDF file.

Description
Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Source
psirt@adobe.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Secondary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

psirt@adobe.com
CWE-824

Social media

Hype score
Not currently trending

  1. 2025-04-23 の人気記事はコチラでした。(自動ツイート) #Hacker_Trends ――― [하루한줄] CVE-2025-27158: Adobe Acrobat Reader의 Uninitialized Pointer로 인한 RCE 취약점 - hackyboiz https://t.co/AkidDfkzQs https://t.co/WXMzeOhwP0

    @motikan2010

    24 Apr 2025

    122 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-27158: RCE Vulnerability due to Uninitialized Pointer in Adobe Acrobat Reader https://t.co/9BYRffahJt The vulnerability used an uninitialized pointer while processing an OpenType Font (OTF) file embedded in a PDF, resulting in a memory corruption vulnerability.

    @hackyboiz

    23 Apr 2025

    6906 Impressions

    37 Retweets

    112 Likes

    61 Bookmarks

    0 Replies

    0 Quotes

  3. برای برنامه Adobe acrobat آسیب پذیری های جدیدی با کدهای شناسایی CVE-2025-27163 و CVE-2025-27164 و CVE-2025-27158 از نوع OS command execution منتشر شده است. برای پیشگیری و مقابله با این تهدید به روز رسانی لازم را اعمال نمایید. https://t.co/Poz3aKY03t https://t.co/pPN51P02lF

    @AmirHossein_sec

    22 Mar 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 CVE-2025-27158 🔴 HIGH (7.8) 🏢 Adobe - Acrobat Reader 🏗️ 0 🔗 https://t.co/yqkOZZHY1N #CyberCron #VulnAlert #InfoSec https://t.co/pU7TuY06IU

    @cybercronai

    13 Mar 2025

    235 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. New post from https://t.co/uXvPWJy6tj (CVE-2025-27158 | Adobe Acrobat Reader up to 20.005.30748/24.001.30225/25.001.20428 uninitialized pointer (apsb25-14 / Nessus ID 232599)) has been published on https://t.co/CcoV0PKtKK

    @WolfgangSesin

    12 Mar 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2025-27158 Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arb… https://t.co/Ht1EAkz9r4

    @CVEnew

    11 Mar 2025

    274 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References