CVE-2025-54255

Summary

Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Violation of Secure Design Principles vulnerability that could result in a security feature bypass impacting integrity. An attacker does not have to be authenticated. Exploitation of this issue does not require user interaction, and scope is unchanged.

Affected Software

VendorProductVersion RangeStatus
AdobeAcrobat Reader0 <= 25.001.20672affected

Weaknesses

  • CWE-657: Violation of Secure Design Principles (CWE-657)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References