CVE-2025-64787
BaseFortify
Publication date: 2025-12-09
Last updated on: 2026-04-28
Assigner: Adobe Systems Incorporated
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| adobe | acrobat_dc | to 25.001.20997 (inc) |
| adobe | acrobat_reader_dc | to 25.001.20997 (inc) |
| adobe | acrobat_reader | 24.001.30273 |
| adobe | acrobat_reader | 25.001.20982 |
| adobe | acrobat_reader | 20.005.30793 |
| adobe | acrobat_reader | 24.001.30264 |
| adobe | acrobat_reader | 20.005.30803 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-347 | The product does not verify, or incorrectly verifies, the cryptographic signature for data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Improper Verification of Cryptographic Signature in certain versions of Acrobat Reader. It allows an attacker to bypass security features by exploiting weaknesses in how cryptographic signatures are verified. This can lead to unauthorized write access without requiring any user interaction.
How can this vulnerability impact me? :
The vulnerability could allow an attacker to bypass cryptographic protections and gain limited unauthorized write access on affected systems. This means an attacker might modify data or files without permission, potentially compromising the integrity of documents or the system.