Login Sign Up

CVE-2025-49568

5.5 MEDIUM

📋 TL;DR

Adobe Illustrator versions 28.7.8, 29.6.1 and earlier contain a use-after-free vulnerability that could allow attackers to read sensitive memory contents. This affects users who open malicious Illustrator files, potentially exposing confidential data. The vulnerability requires user interaction through opening a crafted file.

💻 Affected Systems

Products:
  • Adobe Illustrator
Versions: 28.7.8 and earlier, 29.6.1 and earlier
Operating Systems: Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected versions are vulnerable when opening files.

📦 What is this software?

Illustrator by Adobe

View all CVEs affecting Illustrator →

Illustrator by Adobe

View all CVEs affecting Illustrator →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker could read sensitive memory contents including passwords, encryption keys, or other application data, leading to complete system compromise.

🟠

Likely Case

Limited memory disclosure from the Illustrator process, potentially exposing some application data but not full system control.

🟢

If Mitigated

No impact if users only open trusted files from verified sources.

🌐 Internet-Facing: LOW - Requires user to download and open malicious files, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Internal users could be tricked into opening malicious files via email or shared drives.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires user interaction (opening malicious file) and memory manipulation expertise.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to Illustrator 28.7.9 or 29.6.2 or later

Vendor Advisory: https://helpx.adobe.com/security/products/illustrator/apsb25-74.html

Restart Required: No

Instructions:

1. Open Adobe Creative Cloud application 2. Navigate to 'Apps' tab 3. Find Illustrator and click 'Update' 4. Alternatively, download latest version from Adobe website

🔧 Temporary Workarounds

Restrict file opening

all

Only open Illustrator files from trusted sources and verify file integrity before opening.

🧯 If You Can't Patch

  • Implement application whitelisting to prevent execution of unauthorized Illustrator files
  • Use email filtering to block suspicious .ai files and educate users about phishing risks

🔍 How to Verify

Check if Vulnerable:

Check Illustrator version via Help > About Illustrator. If version is 28.7.8 or earlier, or 29.6.1 or earlier, system is vulnerable.

Check Version:

On Windows: wmic product where name='Adobe Illustrator' get version
On macOS: /Applications/Adobe\ Illustrator*/Adobe\ Illustrator.app/Contents/Info.plist | grep -A1 CFBundleShortVersionString

Verify Fix Applied:

Verify version is 28.7.9 or later, or 29.6.2 or later after update.

📡 Detection & Monitoring

Log Indicators:

  • Application crashes in Illustrator with memory access violations
  • Unexpected file openings from untrusted sources

Network Indicators:

  • Downloads of .ai files from suspicious sources

SIEM Query:

source='*illustrator*' AND (event_id=1000 OR event_id=1001) AND message LIKE '%access violation%'

📊 Metadata

CVE ID: CVE-2025-49568
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CWE: CWE-416
EPSS Score: 0.03% exploit probability (7.3th percentile)
Published: August 12, 2025
Last Updated: August 14, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-49568, you might also want to check these:

CVE-2025-24085 10.0

This CVE describes a use-after-free vulnerability (CWE-416) in Apple operating systems that allows m...

Same vulnerability type (CWE-416)
CVE-2024-43102 10.0

This CVE describes a use-after-free vulnerability in FreeBSD's umtx (user mutex) subsystem where con...

Same vulnerability type (CWE-416)
CVE-2021-33796 10.0

CVE-2021-33796 is a use-after-free vulnerability in MuJS's regexp source property access that can le...

Same vulnerability type (CWE-416)