CVE-2025-64785

Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. If the application uses a search path to locate critical resources such as programs, an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. Exploitation of this issue does not require user interaction.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://helpx.adobe.com/security/products/acrobat/apsb25-119.html	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:adobe:acrobat:::::classic:::*
	cpe:2.3:a:adobe:acrobat_dc:::::continuous:::*
	cpe:2.3:a:adobe:acrobat_reader:::::classic:::*
	cpe:2.3:a:adobe:acrobat_reader_dc:::::continuous:::*

Configuration 2 (hide)

AND

cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*

cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-12-09 21:15

Updated : 2025-12-12 19:36

NVD link : CVE-2025-64785

Mitre link : CVE-2025-64785

CVE.ORG link : CVE-2025-64785

JSON object : View

Products Affected

adobe

acrobat
acrobat_reader_dc
acrobat_reader
acrobat_dc

microsoft

windows

apple

macos

CWE

CWE-426

Untrusted Search Path

{"id": "CVE-2025-64785", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@adobe.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.5}]}, "published": "2025-12-09T21:15:58.940", "references": [{"url": "https://helpx.adobe.com/security/products/acrobat/apsb25-119.html", "tags": ["Vendor Advisory"], "source": "psirt@adobe.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@adobe.com", "description": [{"lang": "en", "value": "CWE-426"}]}], "descriptions": [{"lang": "en", "value": "Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in the context of the current user. If the application uses a search path to locate critical resources such as programs, an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. Exploitation of this issue does not require user interaction."}], "lastModified": "2025-12-12T19:36:24.960", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", "vulnerable": true, "matchCriteriaId": "62657783-CFC7-4914-8107-3569B6A32F30", "versionEndExcluding": "20.005.30838", "versionStartIncluding": "20.001.3005"}, {"criteria": "cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*", "vulnerable": true, "matchCriteriaId": "788B5A24-7A26-481C-9AB5-63B0E1F95C22", "versionEndExcluding": "25.001.20997"}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*", "vulnerable": true, "matchCriteriaId": "577F6321-7719-4DE4-ACE0-D56FA057BB0C", "versionEndExcluding": "20.005.30838", "versionStartIncluding": "20.001.3005"}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*", "vulnerable": true, "matchCriteriaId": "390032F7-4C10-4F88-8EBC-71506676BBB1", "versionEndExcluding": "25.001.20997"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", "vulnerable": true, "matchCriteriaId": "C25C367B-6D27-4A56-9B78-3BC12D804D1E", "versionEndExcluding": "24.001.30307", "versionStartIncluding": "24.001.20604"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*", "vulnerable": true, "matchCriteriaId": "2605F01C-8F46-4E51-A9AC-A50ADDD131F4", "versionEndExcluding": "24.001.30308", "versionStartIncluding": "24.001.20604"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@adobe.com"}