PT-2025-10880 · Adobe · Illustrator

Published: 2025-03-11 · Updated: 2025-03-31 · CVE-2025-27167

CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Adobe Illustrator versions 29.2.1, 28.7.4 and earlier
Description: The issue is related to an Untrusted Search Path, which could allow attackers to execute their own programs, access unauthorized data files, or modify configuration in unexpected ways. This occurs when the application uses a search path to locate critical resources, and an attacker modifies that path to point to a malicious program, which the targeted application would then execute. The problem extends to any type of critical resource that the application trusts.
Recommendations: For versions 29.2.1 and earlier, and for versions 28.7.4 and earlier, update to a version that is not affected by this issue. As a temporary workaround, consider restricting access to critical resources to minimize the risk of exploitation.

Fix

Untrusted Search Path

Weakness Enumeration

Related Identifiers

BDU:2025-03243
CVE-2025-27167

Affected Products

Illustrator