CVE-2025-27158

Acrobat Reader | Access of Uninitialized Pointer (CWE-824)

CVSS 7.8 HIGHEPSS 0.4%CWE-824

Vexday Risk Score

21Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 7.8EPSS 0.4%KEV nãoPoC —Patch referenciado

Ciclo de vida

11 mar 2025Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Productos afectados

Adobe · Acrobat Reader

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://helpx.adobe.com/security/products/acrobat/apsb25-14.html https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2135