NULL Pointer Dereference Vulnerability in Adobe Acrobat Reader
CVE-2025-47111

5.5MEDIUM

Key Information:

Vendor: Adobe
Status: Acrobat Reader
Vendor: CVE Published:; 10 June 2025

What is CVE-2025-47111?

Adobe Acrobat Reader versions 24.001.30235, 20.005.30763, and 25.001.20521 are susceptible to a NULL Pointer Dereference vulnerability. This flaw can be exploited by attackers to cause an unexpected crash of the application, leading to service disruption. To exploit this security issue, an attacker must entice a user into opening a specially crafted malicious file.

Affected Version(s)

Acrobat Reader 0 <= 25.001.20521

References

https://helpx.adobe.com/security/products/acrobat/apsb25-...

vendor-advisory

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 10, 2025
Vulnerability Reserved
Apr 30, 2025