Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-47125 (GCVE-0-2025-47125)
Vulnerability from cvelistv5 – Published: 2025-07-08 22:11 – Updated: 2026-02-26 17:50
VLAI
EPSS
Title
Adobe Framemaker | Heap-based Buffer Overflow (CWE-122)
Summary
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity
7.8 (High)
CWE
- CWE-122 - Heap-based Buffer Overflow (CWE-122)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://helpx.adobe.com/security/products/framema… | vendor-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Adobe | Adobe Framemaker |
Affected:
0 , ≤ 2022.6
(semver)
|
Date Public
2025-07-08 17:00
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-47125",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-10T03:55:33.366202Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:50:55.770Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Adobe Framemaker",
"vendor": "Adobe",
"versions": [
{
"lessThanOrEqual": "2022.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-07-08T17:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"exploitCodeMaturity": "NOT_DEFINED",
"integrityImpact": "HIGH",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "LOW",
"modifiedAttackVector": "LOCAL",
"modifiedAvailabilityImpact": "HIGH",
"modifiedConfidentialityImpact": "HIGH",
"modifiedIntegrityImpact": "HIGH",
"modifiedPrivilegesRequired": "NONE",
"modifiedScope": "UNCHANGED",
"modifiedUserInteraction": "REQUIRED",
"privilegesRequired": "NONE",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow (CWE-122)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T22:11:08.479Z",
"orgId": "078d4453-3bcd-4900-85e6-15281da43538",
"shortName": "adobe"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://helpx.adobe.com/security/products/framemaker/apsb25-66.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Adobe Framemaker | Heap-based Buffer Overflow (CWE-122)"
}
},
"cveMetadata": {
"assignerOrgId": "078d4453-3bcd-4900-85e6-15281da43538",
"assignerShortName": "adobe",
"cveId": "CVE-2025-47125",
"datePublished": "2025-07-08T22:11:08.479Z",
"dateReserved": "2025-04-30T20:47:55.002Z",
"dateUpdated": "2026-02-26T17:50:55.770Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-47125",
"date": "2026-05-30",
"epss": "0.00115",
"percentile": "0.29945"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-47125\",\"sourceIdentifier\":\"psirt@adobe.com\",\"published\":\"2025-07-08T23:15:25.117\",\"lastModified\":\"2025-07-10T18:52:41.983\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\"},{\"lang\":\"es\",\"value\":\"Las versiones 2020.8, 2022.6 y anteriores de Adobe Framemaker se ven afectadas por una vulnerabilidad de desbordamiento de b\u00fafer en mont\u00f3n que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Para explotar este problema, es necesario que la v\u00edctima abra un archivo malicioso.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@adobe.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@adobe.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:framemaker:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2020.9\",\"matchCriteriaId\":\"9094BE23-BB49-4630-872D-F704A327CD6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:adobe:framemaker:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2022\",\"versionEndExcluding\":\"2022.7\",\"matchCriteriaId\":\"3D384878-EE53-416F-8916-2213E845CB54\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://helpx.adobe.com/security/products/framemaker/apsb25-66.html\",\"source\":\"psirt@adobe.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-47125\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-09T13:23:08.812598Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-09T13:23:12.982Z\"}}], \"cna\": {\"title\": \"Adobe Framemaker | Heap-based Buffer Overflow (CWE-122)\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"modifiedScope\": \"UNCHANGED\", \"temporalScore\": 7.8, \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"remediationLevel\": \"NOT_DEFINED\", \"reportConfidence\": \"NOT_DEFINED\", \"temporalSeverity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"environmentalScore\": 7.8, \"privilegesRequired\": \"NONE\", \"exploitCodeMaturity\": \"NOT_DEFINED\", \"integrityRequirement\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"LOCAL\", \"confidentialityImpact\": \"HIGH\", \"environmentalSeverity\": \"HIGH\", \"availabilityRequirement\": \"NOT_DEFINED\", \"modifiedIntegrityImpact\": \"HIGH\", \"modifiedUserInteraction\": \"REQUIRED\", \"modifiedAttackComplexity\": \"LOW\", \"confidentialityRequirement\": \"NOT_DEFINED\", \"modifiedAvailabilityImpact\": \"HIGH\", \"modifiedPrivilegesRequired\": \"NONE\", \"modifiedConfidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Adobe\", \"product\": \"Adobe Framemaker\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"2022.6\"}], \"defaultStatus\": \"affected\"}], \"datePublic\": \"2025-07-08T17:00:00.000Z\", \"references\": [{\"url\": \"https://helpx.adobe.com/security/products/framemaker/apsb25-66.html\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-122\", \"description\": \"Heap-based Buffer Overflow (CWE-122)\"}]}], \"providerMetadata\": {\"orgId\": \"078d4453-3bcd-4900-85e6-15281da43538\", \"shortName\": \"adobe\", \"dateUpdated\": \"2025-07-08T22:11:08.479Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-47125\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-10T03:55:32.601Z\", \"dateReserved\": \"2025-04-30T20:47:55.002Z\", \"assignerOrgId\": \"078d4453-3bcd-4900-85e6-15281da43538\", \"datePublished\": \"2025-07-08T22:11:08.479Z\", \"assignerShortName\": \"adobe\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Title
Adobe Framemaker堆缓冲区溢出漏洞(CNVD-2025-16396)
Description
Adobe Framemaker是美国奥多比(Adobe)公司的一套用于编写和编辑大型或复杂文档(包括结构化文档)的页面排版软件。
Adobe Framemaker存在堆缓冲区溢出漏洞,攻击者可利用该漏洞在当前用户的上下文中执行任意代码。
Severity
高
Patch Name
Adobe Framemaker堆缓冲区溢出漏洞(CNVD-2025-16396)的补丁
Patch Description
Adobe Framemaker是美国奥多比(Adobe)公司的一套用于编写和编辑大型或复杂文档(包括结构化文档)的页面排版软件。
Adobe Framemaker存在堆缓冲区溢出漏洞,攻击者可利用该漏洞在当前用户的上下文中执行任意代码。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://helpx.adobe.com/security/products/framemaker/apsb25-66.html
Reference
https://helpx.adobe.com/security/products/framemaker/apsb25-66.html
Impacted products
| Name | ['Adobe Framemaker <=2020 Release Update 8', 'Adobe Framemaker <=2022 Release Update 6'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2025-47125",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-47125"
}
},
"description": "Adobe Framemaker\u662f\u7f8e\u56fd\u5965\u591a\u6bd4\uff08Adobe\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u7f16\u5199\u548c\u7f16\u8f91\u5927\u578b\u6216\u590d\u6742\u6587\u6863\uff08\u5305\u62ec\u7ed3\u6784\u5316\u6587\u6863\uff09\u7684\u9875\u9762\u6392\u7248\u8f6f\u4ef6\u3002\n\nAdobe Framemaker\u5b58\u5728\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5f53\u524d\u7528\u6237\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://helpx.adobe.com/security/products/framemaker/apsb25-66.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2025-16396",
"openTime": "2025-07-21",
"patchDescription": "Adobe Framemaker\u662f\u7f8e\u56fd\u5965\u591a\u6bd4\uff08Adobe\uff09\u516c\u53f8\u7684\u4e00\u5957\u7528\u4e8e\u7f16\u5199\u548c\u7f16\u8f91\u5927\u578b\u6216\u590d\u6742\u6587\u6863\uff08\u5305\u62ec\u7ed3\u6784\u5316\u6587\u6863\uff09\u7684\u9875\u9762\u6392\u7248\u8f6f\u4ef6\u3002\r\n\r\nAdobe Framemaker\u5b58\u5728\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5f53\u524d\u7528\u6237\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Adobe Framemaker\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2025-16396\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"Adobe Framemaker \u003c=2020 Release Update 8",
"Adobe Framemaker \u003c=2022 Release Update 6"
]
},
"referenceLink": "https://helpx.adobe.com/security/products/framemaker/apsb25-66.html",
"serverity": "\u9ad8",
"submitTime": "2025-07-21",
"title": "Adobe Framemaker\u5806\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\uff08CNVD-2025-16396\uff09"
}
FKIE_CVE-2025-47125
Vulnerability from fkie_nvd - Published: 2025-07-08 23:15 - Updated: 2025-07-10 18:52
Severity
Summary
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@adobe.com | https://helpx.adobe.com/security/products/framemaker/apsb25-66.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| adobe | framemaker | * | |
| adobe | framemaker | * | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:adobe:framemaker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9094BE23-BB49-4630-872D-F704A327CD6D",
"versionEndExcluding": "2020.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:adobe:framemaker:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D384878-EE53-416F-8916-2213E845CB54",
"versionEndExcluding": "2022.7",
"versionStartIncluding": "2022",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file."
},
{
"lang": "es",
"value": "Las versiones 2020.8, 2022.6 y anteriores de Adobe Framemaker se ven afectadas por una vulnerabilidad de desbordamiento de b\u00fafer en mont\u00f3n que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario en el contexto del usuario actual. Para explotar este problema, es necesario que la v\u00edctima abra un archivo malicioso."
}
],
"id": "CVE-2025-47125",
"lastModified": "2025-07-10T18:52:41.983",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "psirt@adobe.com",
"type": "Secondary"
}
]
},
"published": "2025-07-08T23:15:25.117",
"references": [
{
"source": "psirt@adobe.com",
"tags": [
"Vendor Advisory"
],
"url": "https://helpx.adobe.com/security/products/framemaker/apsb25-66.html"
}
],
"sourceIdentifier": "psirt@adobe.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "psirt@adobe.com",
"type": "Secondary"
}
]
}
GHSA-XJWQ-6F7J-W45W
Vulnerability from github – Published: 2025-07-09 00:30 – Updated: 2025-07-09 00:30
VLAI
Details
Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Severity
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2025-47125"
],
"database_specific": {
"cwe_ids": [
"CWE-122"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-08T23:15:25Z",
"severity": "HIGH"
},
"details": "Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
"id": "GHSA-xjwq-6f7j-w45w",
"modified": "2025-07-09T00:30:33Z",
"published": "2025-07-09T00:30:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47125"
},
{
"type": "WEB",
"url": "https://helpx.adobe.com/security/products/framemaker/apsb25-66.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
NCSC-2025-0223
Vulnerability from csaf_ncscnl - Published: 2025-07-09 08:47 - Updated: 2025-07-09 08:47Summary
Kwetsbaarheden verholpen in Adobe Framemaker
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Adobe heeft kwetsbaarheden verholpen in Adobe Framemaker (Versies 2020.8, 2022.6 en eerder).
Interpretaties: De kwetsbaarheden in Adobe Framemaker zijn gerelateerd aan verschillende soorten kwetsbaarheden, waaronder Heap-based Buffer Overflow, Integer Underflow, en NULL Pointer Dereference. Deze kwetsbaarheden kunnen leiden tot willekeurige code-executie wanneer een gebruiker een speciaal vervaardigd kwaadaardig bestand opent. Dit stelt aanvallers in staat om ongeautoriseerde code uit te voeren binnen de context van de applicatie, wat een aanzienlijk risico vormt voor de gebruikers van deze versies. De exploitatie van deze kwetsbaarheden vereist gebruikersinteractie, wat betekent dat gebruikers voorzichtig moeten zijn met het openen van onbetrouwbare bestanden.
Oplossingen: Adobe heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-191: Integer Underflow (Wrap or Wraparound)
CWE-824: Access of Uninitialized Pointer
CWE-476: NULL Pointer Dereference
CWE-787: Out-of-bounds Write
CWE-122: Heap-based Buffer Overflow
CWE-121: Stack-based Buffer Overflow
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
5.5 (Medium)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
7.8 (High)
Affected products
Known affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:semver/<=2022.6
Adobe / Adobe Framemaker
|
vers:semver/<=2022.6 | ||
|
vers:adobe/<=2020releaseupdate8
Adobe / FrameMaker
|
vers:adobe/<=2020releaseupdate8 | ||
|
vers:adobe/<=2022releaseupdate6
Adobe / FrameMaker
|
vers:adobe/<=2022releaseupdate6 |
References
16 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Adobe heeft kwetsbaarheden verholpen in Adobe Framemaker (Versies 2020.8, 2022.6 en eerder).",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden in Adobe Framemaker zijn gerelateerd aan verschillende soorten kwetsbaarheden, waaronder Heap-based Buffer Overflow, Integer Underflow, en NULL Pointer Dereference. Deze kwetsbaarheden kunnen leiden tot willekeurige code-executie wanneer een gebruiker een speciaal vervaardigd kwaadaardig bestand opent. Dit stelt aanvallers in staat om ongeautoriseerde code uit te voeren binnen de context van de applicatie, wat een aanzienlijk risico vormt voor de gebruikers van deze versies. De exploitatie van deze kwetsbaarheden vereist gebruikersinteractie, wat betekent dat gebruikers voorzichtig moeten zijn met het openen van onbetrouwbare bestanden.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Adobe heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
},
{
"category": "general",
"text": "Access of Uninitialized Pointer",
"title": "CWE-824"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd",
"url": "https://helpx.adobe.com/security/products/framemaker/apsb25-66.html"
}
],
"title": "Kwetsbaarheden verholpen in Adobe Framemaker",
"tracking": {
"current_release_date": "2025-07-09T08:47:38.891072Z",
"generator": {
"date": "2025-06-05T14:45:00Z",
"engine": {
"name": "V.A.",
"version": "1.1"
}
},
"id": "NCSC-2025-0223",
"initial_release_date": "2025-07-09T08:47:38.891072Z",
"revision_history": [
{
"date": "2025-07-09T08:47:38.891072Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/\u003c=2022.6",
"product": {
"name": "vers:semver/\u003c=2022.6",
"product_id": "CSAFPID-2634538"
}
}
],
"category": "product_name",
"name": "Adobe Framemaker"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:adobe/\u003c=2020releaseupdate8",
"product": {
"name": "vers:adobe/\u003c=2020releaseupdate8",
"product_id": "CSAFPID-2965625"
}
},
{
"category": "product_version_range",
"name": "vers:adobe/\u003c=2022releaseupdate6",
"product": {
"name": "vers:adobe/\u003c=2022releaseupdate6",
"product_id": "CSAFPID-2965626"
}
}
],
"category": "product_name",
"name": "FrameMaker"
}
],
"category": "vendor",
"name": "Adobe"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-47121",
"cwe": {
"id": "CWE-824",
"name": "Access of Uninitialized Pointer"
},
"notes": [
{
"category": "other",
"text": "Access of Uninitialized Pointer",
"title": "CWE-824"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47121 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47121.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47121"
},
{
"cve": "CVE-2025-47122",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47122 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47122.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47122"
},
{
"cve": "CVE-2025-47123",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47123 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47123.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47123"
},
{
"cve": "CVE-2025-47124",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47124 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47124.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47124"
},
{
"cve": "CVE-2025-47125",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47125 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47125.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47125"
},
{
"cve": "CVE-2025-47127",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47127 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47127.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47127"
},
{
"cve": "CVE-2025-47128",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"notes": [
{
"category": "other",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47128 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47128.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47128"
},
{
"cve": "CVE-2025-47129",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47129 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47129.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47129"
},
{
"cve": "CVE-2025-47130",
"cwe": {
"id": "CWE-191",
"name": "Integer Underflow (Wrap or Wraparound)"
},
"notes": [
{
"category": "other",
"text": "Integer Underflow (Wrap or Wraparound)",
"title": "CWE-191"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47130 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47130.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47130"
},
{
"cve": "CVE-2025-47131",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47131 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47131.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47131"
},
{
"cve": "CVE-2025-47132",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47132 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47132.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47132"
},
{
"cve": "CVE-2025-47133",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47133 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47133.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47133"
},
{
"cve": "CVE-2025-47120",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47120 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47120.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47120"
},
{
"cve": "CVE-2025-47119",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47119 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47119.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47119"
},
{
"cve": "CVE-2025-47126",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-47126 | NCSC-NL Website",
"url": "https://vulnerabilities.ncsc.nl/csaf/v2/2025/cve-2025-47126.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-2634538",
"CSAFPID-2965625",
"CSAFPID-2965626"
]
}
],
"title": "CVE-2025-47126"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…