Access of Uninitialized Pointer Vulnerability in Adobe InDesign Desktop
CVE-2025-43592

7.8HIGH

Key Information:

Vendor: Adobe
Status: Indesign Desktop
Vendor: CVE Published:; 8 July 2025

What is CVE-2025-43592?

Adobe InDesign Desktop versions up to 19.5.3 are prone to an Access of Uninitialized Pointer vulnerability. This flaw can lead to arbitrary code execution if exploited, which necessitates user action, as the victim must open a specially crafted malicious file for an attack to succeed. It is crucial for users to stay informed about this vulnerability and apply necessary updates to mitigate risks effectively.

Affected Version(s)

InDesign Desktop 0 <= 19.5.3

References

https://helpx.adobe.com/security/products/indesign/apsb25...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 8, 2025
Vulnerability Reserved
Apr 16, 2025