
CVE-2025-43573: Use After Free (CWE-416) in Adobe Acrobat Reader

Severity: High
Tags: Vulnerability, CVE-2025-43573, CWE-416
Published: Tue Jun 10 2025 (06/10/2025, 19:11:35 UTC)
Source: CVE Database V5
Vendor/Project: Adobe
Product: Acrobat Reader

Description

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

AI-Powered Analysis

Last updated: 07/10/2025, 21:01:21 UTC

Technical Analysis

CVE-2025-43573 is a high-severity Use After Free (CWE-416) vulnerability affecting multiple versions of Adobe Acrobat Reader, specifically versions 24.001.30235, 20.005.30763, 25.001.20521, and earlier. A use-after-free arises from improper memory management: the program continues to use a pointer after the memory it points to has been freed, so a later allocation can reuse that memory and the stale pointer then reads or writes data the program no longer controls. This can lead to arbitrary code execution within the context of the current user. Exploitation requires user interaction, specifically opening a maliciously crafted PDF file. Once triggered, an attacker could execute arbitrary code with the affected user's privileges, with high impact on the confidentiality, integrity, and availability of that user's data and system resources. The CVSS v3.1 base score is 7.8 (High): attack vector Local (AV:L), low attack complexity (AC:L), no privileges required (PR:N), user interaction required (UI:R), unchanged scope (S:U), and high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). No exploits in the wild are currently reported, and no official patch has been linked yet, although the vulnerability was publicly disclosed on June 10, 2025.

Potential Impact

For European organizations, this vulnerability poses a significant risk due to the widespread use of Adobe Acrobat Reader for handling PDF documents, which are common in business communications, contracts, and official documentation. Successful exploitation could lead to unauthorized access to sensitive information, data corruption, or disruption of business operations. Given that exploitation requires user interaction, phishing or social engineering campaigns could be leveraged to deliver malicious PDFs, increasing the risk in environments with less stringent user awareness training. The impact is particularly critical for sectors handling sensitive personal data under GDPR, financial institutions, government agencies, and critical infrastructure operators, where confidentiality and integrity breaches could have severe regulatory and operational consequences.

Mitigation Recommendations

European organizations should prioritize the following mitigations:

1) Immediately monitor Adobe's official channels for patches and apply updates as soon as they become available.
2) Implement strict email filtering and attachment scanning to detect and block malicious PDF files.
3) Enhance user awareness training focused on recognizing phishing attempts and the risks of opening unsolicited or suspicious PDF attachments.
4) Employ application whitelisting and sandboxing techniques to restrict Acrobat Reader's ability to execute arbitrary code or access sensitive system resources.
5) Use endpoint detection and response (EDR) solutions to monitor for anomalous behavior indicative of exploitation attempts.
6) Consider disabling or restricting the use of Acrobat Reader in high-risk environments, or replacing it with alternative PDF viewers with a smaller attack surface, until patches are applied.
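Applying updates starts with knowing which installs are in the affected range. The following Python is an added example for inventory triage, not tooling from Adobe or from this page: it compares installed Acrobat Reader version strings against the three versions the record names, each "and earlier" on its own major-version track. The hostnames and versions in the sample inventory are constructed. Because the record links no patched version, a version newer than a named ceiling is only reported as outside the named range, not as fixed, and a version on a track the record does not name is flagged for manual review.

```python
"""Flag Acrobat Reader installs whose version falls in the ranges named by CVE-2025-43573.

Added example for patch triage; not vendor tooling. The inventory below is
constructed sample data. Ceilings come from the CVE description:
24.001.30235, 20.005.30763, 25.001.20521 "and earlier", keyed by major version.
"""
from typing import Optional

Version = tuple[int, int, int]

AFFECTED_CEILINGS: dict[int, Version] = {
    20: (20, 5, 30763),
    24: (24, 1, 30235),
    25: (25, 1, 20521),
}


def parse_version(text: str) -> Version:
    """Parse 'major.minor.build' such as '25.001.20521'; int() drops the zero padding."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected Acrobat Reader version format: {text!r}")
    major, minor, build = (int(p) for p in parts)
    return (major, minor, build)


def is_affected(version: str) -> Optional[bool]:
    """True if at or below the named ceiling for its track, False if newer than
    the ceiling, None if the record names no version on that track."""
    v = parse_version(version)
    ceiling = AFFECTED_CEILINGS.get(v[0])
    if ceiling is None:
        return None
    return v <= ceiling  # tuple comparison is lexicographic: major, minor, build


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Bucket hosts by status so a patch queue and a review queue can be built."""
    buckets: dict[str, list[str]] = {"affected": [], "not_in_range": [], "unknown_track": []}
    for host, version in sorted(inventory.items()):
        status = is_affected(version)
        if status is True:
            buckets["affected"].append(host)
        elif status is False:
            buckets["not_in_range"].append(host)
        else:
            buckets["unknown_track"].append(host)
    return buckets


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {
    "ws-fin-01": "25.001.20521",    # named ceiling on the 25.x track: affected
    "ws-fin-02": "25.001.20400",    # earlier build on the same track: affected
    "ws-hr-01": "24.001.30235",     # named ceiling on the 24.x track: affected
    "ws-legal-01": "20.005.30764",  # newer than the named 20.x version: outside range
    "ws-ops-01": "23.006.20320",    # track not named by the record: manual review
}

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

In practice the inventory dictionary would be fed from the asset-management or EDR export that already records installed application versions; the comparison logic is the part worth getting right, since a naive string comparison would order "25.001.20521" above "25.001.9999" incorrectly.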


Technical Details

Data Version
5.1
Assigner Short Name
adobe
Date Reserved
2025-04-16T16:23:13.181Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 684888ea5669e5710431efb8

Added to database: 6/10/2025, 7:35:06 PM

Last enriched: 7/10/2025, 9:01:21 PM

Last updated: 8/8/2025, 8:38:32 PM

