CVE-2025-27178

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Mar 11, 2025

CWE ID 787

Summary

CVE-2025-27178 is a newly disclosed vulnerability affecting Adobe InDesign Desktop versions ID20.1, ID19.5.2, and older. This issue involves an out-of-bounds write vulnerability, which can permit arbitrary code execution. The exploitation of this flaw requires a user to open a maliciously crafted file, putting those who handle such files at risk. Successful exploitation can lead to significant security implications, including data theft, system compromise, or unauthorized system access. Users are strongly advised to update their InDesign software to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

InDesign Desktop

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/3iCzU6
https://www.cve.org/CVERecord?id=CVE-2025-27178
https://nvd.nist.gov/vuln/detail/CVE-2025-27178

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners