CVE-2025-61843

5.5 MEDIUM

📋 TL;DR

Format Plugins versions 1.1.1 and earlier contain an out-of-bounds read vulnerability that could allow attackers to read sensitive information from memory. Users who open malicious files with affected software are vulnerable to information disclosure. This affects all systems running vulnerable versions of Format Plugins.

💻 Affected Systems

Products:
  • Format Plugins
Versions: 1.1.1 and earlier
Operating Systems: All platforms where Format Plugins are installed
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of affected versions are vulnerable by default. The vulnerability requires user interaction to open a malicious file.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker could read sensitive information like passwords, encryption keys, or other confidential data from memory, potentially leading to further system compromise.

🟠 Likely Case

Attackers could extract limited memory contents, potentially revealing some sensitive information but requiring specific conditions and user interaction.

🟢 If Mitigated

With proper controls, the impact is limited to potential memory content disclosure without direct system takeover.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction (opening malicious file) and knowledge of memory layout. No public exploit code is currently known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 1.1.2 or later

Vendor Advisory: https://helpx.adobe.com/security/products/formatplugins/apsb25-114.html

Restart Required: Yes

Instructions:

1. Visit the Adobe security advisory page.
2. Download the latest version of Format Plugins (1.1.2 or later).
3. Install the update following vendor instructions.
4. Restart affected applications or systems as required.

🔧 Temporary Workarounds

Restrict file handling

all

Configure applications to not automatically open files from untrusted sources

User awareness training

all

Train users to avoid opening files from unknown or untrusted sources

🧯 If You Can't Patch

  • Implement application whitelisting to prevent execution of vulnerable plugins
  • Use endpoint protection that can detect and block malicious file execution attempts

🔍 How to Verify

Check if Vulnerable:

Check the Format Plugins version number in the application's about section or plugin management interface

Check Version:

Check application-specific documentation for version query commands

Verify Fix Applied:

Verify the installed version is 1.1.2 or later after applying the update

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing files
  • Memory access violation errors in application logs

Network Indicators:

  • Unusual file downloads followed by application crashes

SIEM Query:

Application:FormatPlugins AND (EventID:1000 OR EventID:1001) AND ProcessName contains formatplugin
