Skip to main content

CVE-2025-47112: Out-of-bounds Read (CWE-125) in Adobe Acrobat Reader

Medium
VulnerabilityCVE-2025-47112cvecve-2025-47112cwe-125
Published: Tue Jun 10 2025 (06/10/2025, 19:11:32 UTC)
Source: CVE Database V5
Vendor/Project: Adobe
Product: Acrobat Reader

Description

Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

AI-Powered Analysis

AILast updated: 07/10/2025, 20:49:34 UTC

Technical Analysis

CVE-2025-47112 is an out-of-bounds read vulnerability (CWE-125) affecting multiple versions of Adobe Acrobat Reader, specifically versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier. This vulnerability allows an attacker to read memory outside the intended buffer boundaries, potentially leading to the disclosure of sensitive information stored in memory. The flaw can be exploited when a user opens a specially crafted malicious PDF file, which triggers the out-of-bounds read condition. One significant consequence of this vulnerability is that it can be leveraged to bypass security mitigations such as Address Space Layout Randomization (ASLR), which is designed to make exploitation of memory corruption vulnerabilities more difficult. The vulnerability does not allow direct code execution or modification of data integrity or availability but compromises confidentiality by leaking sensitive memory contents. Exploitation requires user interaction, specifically opening a malicious file, and no privileges or authentication are required. The CVSS v3.1 base score is 5.5 (medium severity), reflecting the local attack vector (AV:L), low attack complexity (AC:L), no privileges required (PR:N), required user interaction (UI:R), unchanged scope (S:U), high confidentiality impact (C:H), and no impact on integrity or availability (I:N/A:N). There are no known exploits in the wild at the time of publication, and no patches have been linked yet, indicating that mitigation may currently rely on workarounds or cautious user behavior. This vulnerability is significant because Adobe Acrobat Reader is widely used globally, and PDF files are a common vector for delivering malicious payloads or exploits.

Potential Impact

For European organizations, the impact of CVE-2025-47112 centers on potential leakage of sensitive information from memory when users open malicious PDF documents. This could lead to exposure of confidential data, including cryptographic keys, credentials, or other sensitive application data residing in memory. The ability to bypass ASLR increases the risk that this vulnerability could be chained with other exploits to achieve more severe outcomes, such as remote code execution, although this is not directly enabled by this vulnerability alone. Given the widespread use of Adobe Acrobat Reader in corporate, governmental, and educational institutions across Europe, the risk of targeted attacks exploiting this vulnerability is notable. Attackers could craft phishing campaigns with malicious PDFs to gain initial information disclosure footholds. The requirement for user interaction limits mass exploitation but does not eliminate risk, especially in environments where users frequently handle PDFs from untrusted sources. Confidentiality breaches could have regulatory implications under GDPR if personal or sensitive data is exposed. Additionally, sectors with high-value intellectual property or sensitive operational data, such as finance, healthcare, and critical infrastructure, could face increased risk from such information disclosure.

Mitigation Recommendations

1. Apply official Adobe patches promptly once they become available to remediate the vulnerability. Monitor Adobe security advisories closely for updates. 2. Until patches are released, implement strict email and web gateway filtering to block or quarantine suspicious PDF files, especially those originating from untrusted or external sources. 3. Educate users about the risks of opening unsolicited or unexpected PDF attachments and encourage verification of file sources before opening. 4. Employ endpoint security solutions capable of sandboxing or analyzing PDF files for malicious behavior prior to user interaction. 5. Consider disabling or restricting the use of Adobe Acrobat Reader in favor of alternative PDF viewers with a smaller attack surface or enhanced security features, where feasible. 6. Use application whitelisting and privilege restrictions to limit the ability of malicious PDFs to execute further code or access sensitive resources. 7. Monitor network and endpoint logs for unusual activity that may indicate exploitation attempts or information leakage. 8. Implement Data Loss Prevention (DLP) controls to detect and prevent unauthorized exfiltration of sensitive data that could result from exploitation.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
adobe
Date Reserved
2025-04-30T20:47:55.001Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 684888ea5669e5710431f007

Added to database: 6/10/2025, 7:35:06 PM

Last enriched: 7/10/2025, 8:49:34 PM

Last updated: 8/9/2025, 7:32:02 PM

Views: 17

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats