CVE-2025-64785

Details

Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. If the application uses a search path to locate critical resources such as programs, an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. Exploitation of this issue does not require user interaction.

Affected Packages

Windows:10240Adobe Acrobat Reader

Windows:14393Adobe Acrobat Reader

Windows:17763Adobe Acrobat Reader

Windows:18362Adobe Acrobat Reader

Windows:18363Adobe Acrobat Reader

Windows:19041Adobe Acrobat Reader

Windows:19042Adobe Acrobat Reader

Windows:19043Adobe Acrobat Reader

Windows:19044Adobe Acrobat Reader

Windows:19045Adobe Acrobat Reader

Windows:20348Adobe Acrobat Reader

Windows:22000Adobe Acrobat Reader

Windows:22621Adobe Acrobat Reader

Windows:22631Adobe Acrobat Reader

Windows:25398Adobe Acrobat Reader

Windows:26100Adobe Acrobat Reader

Windows:26200Adobe Acrobat Reader

macOS:14Adobe Acrobat Reader

macOS:15Adobe Acrobat Reader

macOS:26Adobe Acrobat Reader

References

ADVISORYhttps://helpx.adobe.com/security/products/acrobat/apsb25-119.html ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2025-64785

Mondoo Vulnerability Intelligence

CVE-2025-64785

Details

Affected Packages

References

CVSS Analysis

Weakness Type (CWE)

Ecosystems

Timeline