CVE-2025-21159

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Feb 11, 2025

CWE ID 416

Summary

CVE-2025-21159 is a Use After Free vulnerability that affects Adobe Illustrator versions 29.1 and 28.7.3, as well as earlier releases. This issue could allow an attacker to execute arbitrary code in the context of the current user. The exploitation of this vulnerability requires user interaction, specifically the opening of a malicious file. Successful exploitation could lead to significant security risks, including data theft or system compromise. Users are strongly advised to update their Adobe Illustrator software to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Illustrator

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3Q4hdn
https://www.cve.org/CVERecord?id=CVE-2025-21159
https://nvd.nist.gov/vuln/detail/CVE-2025-21159

Back to Vulnerability Database