Integer Overflow Vulnerability in InCopy Affects Adobe Products
CVE-2025-30327

7.8HIGH

Key Information:

Vendor: Adobe
Status: Incopy
Vendor: CVE Published:; 10 June 2025

What is CVE-2025-30327?

An integer overflow vulnerability exists in Adobe InCopy, specifically in versions 20.2, 19.5.3, and earlier distributions. This flaw could potentially allow attackers to execute arbitrary code under the context of an authenticated user. The exploitation of this vulnerability necessitates user interaction, as the victim must open a specially crafted malicious file. This poses a significant security risk, highlighting the need for users to remain vigilant while handling unknown files.

Affected Version(s)

InCopy 0 <= 19.5.3

References

https://helpx.adobe.com/security/products/incopy/apsb25-4...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 10, 2025
Vulnerability Reserved
Mar 20, 2025