CVE-2025-21156

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 11, 2025

CWE ID 191

Summary

CVE-2025-21156 is a newly disclosed vulnerability affecting Adobe InCopy versions 20.0 and 19.5.1, and older releases. This issue involves an Integer Underflow flaw, which, when exploited, can lead to arbitrary code execution. The vulnerability is user-activated, meaning that a victim must open a maliciously crafted file to be at risk. Successful exploitation of this bug can result in significant security implications for users.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe InCopy

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3Q2D24
https://www.cve.org/CVERecord?id=CVE-2025-21156
https://nvd.nist.gov/vuln/detail/CVE-2025-21156

Back to Vulnerability Database