Adobe Monthly Security Update (July 2025)
Release Date: 9 Jul 2025
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe After Effects |  Medium Risk | Denial of Service Information Disclosure | APSB25-49 | |
| Substance 3D Viewer | Medium Risk | Remote Code Execution Denial of Service Information Disclosure | APSB25-54 | |
| Adobe Audition | Medium Risk | Denial of Service | APSB25-56 | |
| Adobe InCopy | Medium Risk | Remote Code Execution | APSB25-59 | |
| Adobe InDesign | Medium Risk | Remote Code Execution | APSB25-60 | |
| Adobe Connect | Medium Risk | Remote Code Execution | APSB25-61 | |
| Adobe Dimension | Medium Risk | Remote Code Execution Information Disclosure | APSB25-63 | |
| Substance 3D Stager | Medium Risk | Information Disclosure | APSB25-64 | |
| Adobe Illustrator | Medium Risk | Remote Code Execution Information Disclosure Denial of Service | APSB25-65 | |
| Adobe FrameMaker | Medium Risk | Remote Code Execution Information Disclosure Denial of Service | APSB25-66 | |
| Adobe Experience Manager Forms | Medium Risk | Remote Code Execution | APSB25-67 | |
| Adobe Experience Manager Screens | Medium Risk | Cross-site Scripting Remote Code Execution | APSB25-68 | |
| Adobe ColdFusion | Medium Risk | Information Disclosure Elevation of Privilege Security Restriction Bypass Cross-site Scripting Remote Code Execution Denial of Service | APSB25-69 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 13
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Remote Code Execution
- Elevation of Privilege
- Cross-Site Scripting
- Security Restriction Bypass
- Information Disclosure
- Denial of Service
System / Technologies affected
- Adobe After Effects 24.6.6 and earlier versions
- Adobe After Effects 25.2 and earlier versions
- Adobe Substance 3D Viewer 0.22 and earlier versions
- Adobe Audition 24.6.3 and earlier versions
- Adobe Audition 25.2 and earlier versions
- Adobe InCopy 19.5.3 and earlier versions
- Adobe InCopy 20.3 and earlier versions
- Adobe InDesign ID19.5.3 and earlier versions
- Adobe InDesign ID20.3 and earlier versions
- Connect Windows App 24 and earlier versions
- Adobe Dimension 4.1.2 and earlier versions
- Adobe Substance 3D Stager 3.1.2 and earlier versions
- Illustrator 2024 28.7.6 and earlier versions
- Illustrator 2025 29.5.1 and earlier versions
- Adobe FrameMaker 2020 Release Update 8 and earlier versions
- Adobe FrameMaker 2022 Release Update 6 and earlier versions
- Adobe Experience Manager (AEM) Forms on JEE 6.5.23.0 and earlier versions
- Adobe Experience Manager (AEM) Screens AEM 6.5.22 Screens FP11.4
- ColdFusion 2021 Update 20 and earlier versions
- ColdFusion 2023 Update 14 and earlier versions
- ColdFusion 2025 Update 2 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update.
沒有留言:
發佈留言