Adobe Monthly Security Update (December 2025)

Release Date: 10 Dec 2025

RISK: Medium Risk

TYPE: Clients - Productivity Products

Adobe has released monthly security update for their products:

 

Vulnerable Product	Risk Level	Impacts	Notes	Details (including CVE)
Adobe ColdFusion	Medium Risk	Remote Code Execution Security Restriction Bypass Information Disclosure Data Manipulation Elevation of Privilege		APSB25-105
Adobe Experience Manager	Medium Risk	Cross-site Scripting Remote Code Execution Information Disclosure		APSB25-115
Adobe DNG Software Development Kit (SDK)	Medium Risk	Remote Code Execution Denial of Service Information Disclosure		APSB25-118
Adobe Acrobat and Reader	Medium Risk	Remote Code Execution Security Restriction Bypass		APSB25-119
Adobe Creative Cloud Desktop Application	Medium Risk	Denial of Service		APSB25-120

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 5

Number of 'Low Risk' product(s): 0

Evaluation of overall 'Risk Level': Medium Risk

---

Impact

• Remote Code Execution
• Security Restriction Bypass
• Information Disclosure
• Data Manipulation
• Cross-Site Scripting
• Denial of Service
• Elevation of Privilege

---

System / Technologies affected

• Acrobat DC 25.001.20982 and earlier versions
• Acrobat Reader DC 25.001.20982 and earlier versions
• Acrobat Reader 2020 Mac - 20.005.30803 and earlier versions
• Acrobat Reader 2020 Win - 20.005.30793 and earlier versions
• Acrobat 2020 Mac - 20.005.30803 and earlier versions
• Acrobat 2020 Win - 20.005.30793 and earlier versions
• Acrobat 2024 Mac - 24.001.30273 and earlier versions
• Acrobat 2024 Win - 24.001.30264 and earlier versions
• Adobe DNG Software Development Kit (SDK) DNG SDK 1.7.0 and earlier versions
• Adobe Experience Manager (AEM) AEM Cloud Service (CS)
• Adobe Experience Manager (AEM) 6.5 LTS and earlier versions
• Adobe Experience Manager (AEM) 6.5.23 and earlier versions
• ColdFusion 2021 Update 22 and earlier versions
• ColdFusion 2023 Update 16 and earlier versions
• ColdFusion 2025 Update 4 and earlier versions
• Creative Cloud Desktop Application 6.4.0.361 and earlier versions

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

• Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update.

---

Vulnerability Identifier

• http://www.cvedetails.com/vulnerability-list.php?vendor_id=53&year=2025&month=12

---

Source

• Adobe

---

Related Link

• https://helpx.adobe.com/security.html/security/security-bulletin.html