Integer Underflow Vulnerability in Adobe Framemaker Software
CVE-2025-30296

7.8HIGH

Key Information:

Vendor: Adobe
Status: Adobe Framemaker
Vendor: CVE Published:; 8 April 2025

What is CVE-2025-30296?

Adobe Framemaker, in versions 2020.8, 2022.6, and earlier, is susceptible to an Integer Underflow vulnerability. This security flaw allows for arbitrary code execution in the context of the current user. To exploit this vulnerability, an attacker must convince a user to open a specially crafted malicious file, which triggers the execution of unintended commands, potentially compromising the system's security.

Affected Version(s)

Adobe Framemaker 0 <= 2022.6

References

https://helpx.adobe.com/security/products/framemaker/apsb...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 8, 2025
Vulnerability Reserved
Mar 20, 2025