Summary: Adobe has released critical security updates for multiple products, addressing vulnerabilities that could allow remote code execution by malicious hackers. The updates affect Adobe Photoshop, Substance 3D Stager, Illustrator for iPad, Adobe Animate, and Substance 3D Designer.
Threat Actor: Malicious Hackers | malicious hackers
Victim: Adobe | Adobe
Key Point :
- Adobe Photoshop update addresses two critical arbitrary code execution vulnerabilities (CVE-2025-21127 and CVE-2025-21122).
- Five critical memory safety flaws in Adobe Substance 3D Stager could lead to arbitrary code execution, affecting both Windows and macOS.
- Adobe Illustrator for iPad has two critical memory safety issues exposing users to code execution attacks.
- Adobe Animate fixes an integer underflow bug that could lead to arbitrary code execution exploits.
- Four critical memory safety defects in Adobe Substance 3D Designer could allow arbitrary code execution in the context of the current user.
- Adobe is not aware of any active exploits for these vulnerabilities at this time.
Source: https://www.securityweek.com/adobe-critical-code-execution-flaws-in-photoshop/