Security Feature Bypass in Adobe Acrobat Reader
CVE-2025-54255

4MEDIUM

Key Information:

Vendor: Adobe
Status: Acrobat Reader
Vendor: CVE Published:; 9 September 2025

What is CVE-2025-54255?

Adobe Acrobat Reader versions 24.001.30254, 20.005.30774, and 25.001.20672 are affected by a vulnerability that potentially allows an attacker to bypass critical security features of the software. This issue can be exploited without requiring any user interaction, meaning that the risk remains high even in passive scenarios. Users of the affected versions should prioritize updating their software to mitigate these security risks.

Affected Version(s)

Acrobat Reader 0 <= 25.001.20672

References

https://helpx.adobe.com/security/products/acrobat/apsb25-...

vendor-advisory

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 9, 2025
Vulnerability Reserved
Jul 17, 2025