CVE-2025-21123

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 11, 2025

CWE ID 122

Summary

CVE-2025-21123 is a serious vulnerability affecting Adobe InDesign Desktop versions ID20.0 and ID19.5.1, and older releases. This issue involves a heap-based buffer overflow, which cybercriminals can exploit to execute arbitrary code. The exploitation process necessitates user interaction, requiring a victim to open a maliciously crafted file. If successfully exploited, this vulnerability could result in significant data loss or system compromise for affected users.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

InDesign Desktop

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3Q2O88
https://www.cve.org/CVERecord?id=CVE-2025-21123
https://nvd.nist.gov/vuln/detail/CVE-2025-21123

Back to Vulnerability Database