Out-of-Bounds Read Vulnerability in Adobe Illustrator
CVE-2025-24448

5.5MEDIUM

Key Information:

Vendor

Adobe
Status
Illustrator
Vendor
CVE Published:
11 March 2025

What is CVE-2025-24448?

Adobe Illustrator is impacted by an out-of-bounds read vulnerability that may allow attackers to disclose sensitive memory contents. Exploitation of this vulnerability necessitates user interaction, as it requires the victim to open a crafted malicious file. This weakness can also enable attackers to circumvent security measures like Address Space Layout Randomization (ASLR), posing a significant risk to user data and system integrity.

Affected Version(s)

Illustrator 0 <= 28.7.4

References

https://helpx.adobe.com/security/products/illustrator/aps...
vendor-advisory

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-24448 : Out-of-Bounds Read Vulnerability in Adobe Illustrator