Adobe Monthly Security Update (September 2025)
Release Date: 10 Sep 2025
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe Acrobat and Reader |  Medium Risk | Remote Code Execution Security Restriction Bypass | APSB25-85 | |
| Adobe After Effects | Medium Risk | Information Disclosure | APSB25-86 | |
| Adobe Premiere Pro | Medium Risk | Remote Code Execution | APSB25-87 | |
| Adobe Commerce | Medium Risk | Security Restriction Bypass | APSB25-88 | |
| Substance 3D Viewer | Medium Risk | Remote Code Execution | APSB25-89 | |
| Adobe Experience Manager | Medium Risk | Security Restriction Bypass Cross-site Scripting | APSB25-90 | |
| Adobe Dreamweaver | Medium Risk | Remote Code Execution | APSB25-91 | |
| Substance 3D Modeler | Medium Risk | Remote Code Execution | APSB25-92 | |
| Adobe ColdFusion | Medium Risk | Data Manipulation | APSB25-93 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 9
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Remote Code Execution
- Cross-Site Scripting
- Security Restriction Bypass
- Information Disclosure
- Data Manipulation
System / Technologies affected
- Acrobat DC Win - 25.001.20672 and earlier versions
- Acrobat DC Mac - 25.001.20668 and earlier versions
- Acrobat Reader DC Win - 25.001.20672 and earlier versions
- Acrobat Reader DC Mac - 25.001.20668 and earlier versions
- Acrobat 2024 Win & Mac - 24.001.30254 and earlier versions
- Acrobat 2020 Win & Mac - 20.005.30774 and earlier versions
- Acrobat Reader 2020 Win & Mac - 20.005.30774 and earlier versions
- Adobe After Effects 24.6.7 and earlier versions
- Adobe After Effects 25.3 and earlier versions
- Adobe Premiere Pro 25.3 and earlier versions
- Adobe Premiere Pro 24.6.5 and earlier versions
- Adobe Commerce 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier versions
- Adobe Commerce B2B 1.5.3-alpha2, 1.5.2-p2, 1.4.2-p7, 1.3.4-p14, 1.3.3-p15 and earlier versions
- Magento Open Source 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14 and earlier versions
- Adobe Substance 3D Viewer 0.25.1 and earlier versions
- Adobe Experience Manager (AEM) AEM Cloud Service (CS)
- Adobe Experience Manager (AEM) 6.5 LTS SP1, 6.5.23 and earlier versions
- Adobe Dreamweaver 21.5 and earlier versions
- Adobe Substance 3D Modeler 1.22.2 and earlier versions
- ColdFusion 2025 Update 3 and earlier versions
- ColdFusion 2023 Update 15 and earlier versions
- ColdFusion 2021 Update 21 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update.
沒有留言:
發佈留言