Out-of-Bounds Write Vulnerability in Adobe Framemaker Products
CVE-2025-30304

7.8HIGH

Key Information:

Vendor: Adobe
Status: Adobe Framemaker
Vendor: CVE Published:; 8 April 2025

Summary

Adobe Framemaker versions 2020.8, 2022.6, and earlier are susceptible to an out-of-bounds write vulnerability that allows for arbitrary code execution if a user opens a specially crafted file. This vulnerability requires direct user interaction, highlighting the importance of caution when dealing with untrusted files. It emphasizes the need for users to be vigilant about the sources of files they open within the application.

Affected Version(s)

Adobe Framemaker 0 <= 2022.6

References

https://helpx.adobe.com/security/products/framemaker/apsb...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Apr 8, 2025
Vulnerability Reserved
Mar 20, 2025