CVE-2025-64786
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-12-09
Last updated on: 2026-04-28
Assigner: Adobe Systems Incorporated
Description
Description
Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain limited unauthorized write access. Exploitation of this issue requires user interaction with a cryptographic signature.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| adobe | acrobat_dc | to 25.001.20997 (inc) |
| adobe | acrobat_reader_dc | to 25.001.20997 (inc) |
| adobe | acrobat_reader | 24.001.30273 |
| adobe | acrobat_reader | 25.001.20982 |
| adobe | acrobat_reader | 20.005.30793 |
| adobe | acrobat_reader | 24.001.30264 |
| adobe | acrobat_reader | 20.005.30803 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-347 | The product does not verify, or incorrectly verifies, the cryptographic signature for data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Improper Verification of Cryptographic Signature in certain versions of Acrobat Reader. It allows an attacker to bypass security features and gain limited unauthorized write access without requiring user interaction.
How can this vulnerability impact me? :
The vulnerability could allow an attacker to bypass security features and gain limited unauthorized write access, potentially compromising the integrity of your files or system without your knowledge.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70