PT-2025-50224 · Adobe · Acrobat Reader
Published
2025-12-09
·
Updated
2026-04-28
·
CVE-2025-64785
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Acrobat Reader versions 20.005.30793 through 20.005.30803
Acrobat Reader versions 24.001.30264 through 24.001.30273
Acrobat Reader version 25.001.20982
Description
Acrobat Reader is susceptible to an Untrusted Search Path issue. This could allow attackers to execute arbitrary code with the privileges of the current user. The issue arises when the application uses a search path to locate essential resources. An attacker could manipulate this search path to direct the application to execute a malicious program. User interaction is not needed for exploitation.
Recommendations
Update Acrobat Reader to a version later than 20.005.30803.
Update Acrobat Reader to a version later than 24.001.30273.
Update Acrobat Reader to a version later than 25.001.20982.
Fix
Untrusted Search Path
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acrobat Reader