CVE-2025-64786

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-64786
Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain limited unauthorized write access. Exploitation of this issue requires user interaction with a cryptographic signature.

3.3 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://helpx.adobe.com/security/products/acrobat/apsb25-119.html Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
History

28 Apr 2026, 03:16

Type Values Removed Values Added
Summary (en) Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain limited unauthorized write access. Exploitation of this issue does not require user interaction. (en) Acrobat Reader versions 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, 20.005.30803 and earlier are affected by an Improper Verification of Cryptographic Signature vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to gain limited unauthorized write access. Exploitation of this issue requires user interaction with a cryptographic signature.

12 Dec 2025, 19:36

Type Values Removed Values Added
References () https://helpx.adobe.com/security/products/acrobat/apsb25-119.html - () https://helpx.adobe.com/security/products/acrobat/apsb25-119.html - Vendor Advisory
First Time Microsoft
Adobe acrobat Reader
Adobe acrobat Reader Dc
Adobe
Microsoft windows
Apple macos
Apple
Adobe acrobat Dc
Adobe acrobat
CPE cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat:*:*:*:*:classic:*:*:*
cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:classic:*:*:*

09 Dec 2025, 21:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-12-09 21:15

Updated : 2026-04-28 15:39

NVD link : CVE-2025-64786

Mitre link : CVE-2025-64786

CVE.ORG link : CVE-2025-64786

JSON object : View

Products Affected

adobe

  • acrobat_reader
  • acrobat
  • acrobat_reader_dc
  • acrobat_dc

microsoft

  • windows

apple

  • macos
CWE
CWE-347

Improper Verification of Cryptographic Signature