CVE-2025-47112

5.5 MEDIUM

📋 TL;DR

This CVE describes an out-of-bounds read vulnerability in Adobe Acrobat Reader that could allow an attacker to read sensitive memory contents. If exploited, it could help bypass security mitigations like ASLR. Users who open malicious PDF files with affected versions are at risk.

💻 Affected Systems

Products:
  • Adobe Acrobat Reader DC
  • Adobe Acrobat Reader
Versions: 24.001.30235 and earlier, 20.005.30763 and earlier, 25.001.20521 and earlier
Operating Systems: Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected versions are vulnerable

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Memory disclosure leading to ASLR bypass, enabling more severe attacks such as remote code execution
🟠 Likely Case: Information disclosure of memory contents, potentially revealing sensitive data
🟢 If Mitigated: Limited impact with proper security controls and user awareness

🌐 Internet-Facing: MEDIUM - Requires user interaction but PDFs are commonly shared via internet
🏢 Internal Only: MEDIUM - Internal users could receive malicious PDFs via email or file shares

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction (opening malicious PDF) and knowledge of memory layout

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Any release newer than the affected versions listed above (see the vendor advisory for the exact builds)

Vendor Advisory: https://helpx.adobe.com/security/products/acrobat/apsb25-57.html

Restart Required: Yes

Instructions:

1. Open Adobe Acrobat Reader
2. Go to Help > Check for Updates
3. Follow prompts to install latest version
4. Restart computer after installation

🔧 Temporary Workarounds

Disable JavaScript in PDFs (Applies to: all)
  Effect: Prevents JavaScript-based exploitation vectors
  Steps: Edit > Preferences > JavaScript > Uncheck 'Enable JavaScript'

Use Protected View (Applies to: all)
  Effect: Open untrusted PDFs in Protected View mode
  Steps: File > Open > Select 'Protected View' option

🧯 If You Can't Patch

  • Restrict PDF file opening to trusted sources only
  • Implement application whitelisting to block Acrobat Reader execution

🔍 How to Verify

Check if Vulnerable:

Check Help > About Adobe Acrobat Reader and compare version to affected list

Check Version:

Windows: wmic product where name="Adobe Acrobat Reader DC" get version
  (WMIC is deprecated on current Windows releases and Win32_Product queries are slow; the Help > About check above gives the same answer.)
macOS: grep -A1 CFBundleShortVersionString "/Applications/Adobe Acrobat Reader DC.app/Contents/Info.plist"
  (the value is on the <string> line printed after the key)

Verify Fix Applied:

Verify version is newer than affected versions listed in advisory
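Comparing a version string against the three affected ranges by hand is error-prone, so here is an added helper (not part of this page or of any Adobe tooling) that parses the output of either version command above and decides whether the build falls inside an affected range. The version ceilings are the three values listed under Affected Systems; the sample command outputs are constructed, and a build on a release track not in that list returns None rather than a guess.

```python
import re
from typing import Optional

# Highest affected build on each release track, taken from the affected-versions list above.
# Keyed by the first version component, which identifies the track (20.x, 24.x, 25.x).
AFFECTED_MAX = {
    20: (20, 5, 30763),   # 20.005.30763 and earlier
    24: (24, 1, 30235),   # 24.001.30235 and earlier
    25: (25, 1, 20521),   # 25.001.20521 and earlier
}

# Adobe Reader versions look like NN.NNN.NNNNN (e.g. 25.001.20521)
VERSION_RE = re.compile(r"\b(\d{2})\.(\d{3})\.(\d{5})\b")


def parse_version(text: str) -> tuple:
    """Return (major, minor, build) as integers from a string such as '25.001.20521'."""
    m = VERSION_RE.fullmatch(text.strip())
    if m is None:
        raise ValueError(f"unexpected Adobe version string: {text!r}")
    return tuple(int(g) for g in m.groups())


def extract_version(command_output: str) -> Optional[str]:
    """Pull the first version string out of raw tool output (wmic table or Info.plist lines)."""
    m = VERSION_RE.search(command_output)
    return m.group(0) if m else None


def is_vulnerable(version: str) -> Optional[bool]:
    """True if the build is inside an affected range, False if it is newer than the
    ceiling for its track, None if the track is not in the affected list."""
    v = parse_version(version)
    ceiling = AFFECTED_MAX.get(v[0])
    if ceiling is None:
        return None
    return v <= ceiling          # tuple comparison: (major, minor, build)


if __name__ == "__main__":
    # Constructed sample output resembling what the two version commands print.
    wmic_out = "Version\n24.001.30235\n"
    plist_out = "\t<key>CFBundleShortVersionString</key>\n\t<string>25.001.20521</string>\n"
    labels = {True: "AFFECTED - update", False: "newer than affected range", None: "track not listed"}
    for out in (wmic_out, plist_out):
        ver = extract_version(out)
        print(ver, "->", labels[is_vulnerable(ver)] if ver else "no version found")
```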

📡 Detection & Monitoring

Log Indicators:

  • Application crashes in Acrobat Reader
  • Security event logs showing PDF file access

Network Indicators:

  • PDF downloads from untrusted sources
  • Email attachments with PDF files

SIEM Query (generic pseudo-query; adapt field names to your platform):

source="*acrobat*" AND (event_type="crash" OR file_extension="pdf")

The file_extension="pdf" clause will match routine PDF activity and is noisy on its own; Acrobat Reader crash events are the more useful signal for this memory-safety bug.

🔗 References