Out-of-bounds Write Vulnerability in Adobe Framemaker Products
CVE-2025-30297

7.8HIGH

Key Information:

Vendor: Adobe
Status: Adobe Framemaker
Vendor: CVE Published:; 8 April 2025

What is CVE-2025-30297?

Adobe Framemaker versions 2020.8, 2022.6, and earlier contain a vulnerability that allows for out-of-bounds writing, potentially leading to arbitrary code execution within the context of the current user. To successfully exploit this vulnerability, an attacker must trick a user into opening a specially crafted file, making user interaction a requirement for the attack. It is crucial for users to be aware of such threats and to ensure they are using updated software to mitigate risks associated with this vulnerability.

Affected Version(s)

Adobe Framemaker 0 <= 2022.6

References

https://helpx.adobe.com/security/products/framemaker/apsb...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 8, 2025
Vulnerability Reserved
Mar 20, 2025