CVE-2025-21125

Summary

CVE-2025-21125 is a NULL Pointer Dereference vulnerability that affects Adobe InDesign Desktop versions ID20.0 and ID19.5.1, and earlier. This issue can lead to an application denial-of-service, allowing an attacker to crash the software by exploiting the vulnerability. The exploitation process requires user interaction, as the victim must open a malicious file to trigger the issue. InDesign users running affected versions are at risk of experiencing application crashes and subsequent denial-of-service conditions. The vulnerability (CVE-2025-21125) is a NULL Pointer Dereference issue, which can be exploited by attackers to crash the software, denying access to users. The exploitation of this vulnerability necessitates user interaction, as opening a maliciously crafted file triggers the issue.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.