Adobe Monthly Security Update (August 2025)
Last Update Date:
16 Oct 2025
Release Date:
13 Aug 2025
7307
Views
RISK: Extremely High Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe Commerce |  Medium Risk | Denial of Service Elevation of Privilege Information Disclosure Cross-site Scripting Security Restriction Bypass | APSB25-71 | |
| Substance 3D Viewer | Medium Risk | Remote Code Execution | APSB25-72 | |
| Adobe Animate | Medium Risk | Remote Code Execution Information Disclosure | APSB25-73 | |
| Adobe Illustrator | Medium Risk | Remote Code Execution Denial of Service | APSB25-74 | |
| Adobe Photoshop | Medium Risk | Remote Code Execution | APSB25-75 | |
| Substance 3D Modeler | Medium Risk | Remote Code Execution Information Disclosure | APSB25-76 | |
| Substance 3D Painter | Medium Risk | Remote Code Execution Information Disclosure | APSB25-77 | |
| Substance 3D Sampler | Medium Risk | Information Disclosure | APSB25-78 | |
| Adobe InDesign | Medium Risk | Remote Code Execution Information Disclosure | APSB25-79 | |
| Adobe InCopy | Medium Risk | Remote Code Execution | APSB25-80 | |
| Substance 3D Stager | Medium Risk | Remote Code Execution Information Disclosure | APSB25-81 | |
| Adobe Experience Manager Forms |  Extremely High Risk | Information Disclosure Remote Code Execution | CVE-2025-54253 is being exploited in the wild. Due to insufficient validation of user-supplied input, a remote attacker can pass specially crafted input to the application and execute arbitrary code via Struts DevMode. | APSB25-82 |
| Adobe FrameMaker | Medium Risk | Remote Code Execution Information Disclosure | APSB25-83 | |
| Adobe Dimension | Medium Risk | Information Disclosure | APSB25-84 |
Number of 'Extremely High Risk' product(s): 1
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 13
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Extremely High Risk
[Updated on 2025-10-16]
Updated Description, Risk Level, Solutions and Related Links.
Impact
- Remote Code Execution
- Elevation of Privilege
- Cross-Site Scripting
- Security Restriction Bypass
- Information Disclosure
- Denial of Service
System / Technologies affected
- Adobe Commerce 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier versions
- Adobe Commerce B2B 1.5.3-alpha1, 1.5.2-p1, 1.4.2-p6, 1.3.5-p11, 1.3.4-p13, 1.3.3-p14 and earlier versions
- Magento Open Source 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13 and earlier versions
- Adobe Substance 3D Viewer 0.25 and earlier versions
- Adobe Animate 2023 23.0.12 and earlier versions
- Adobe Animate 2024 24.0.9 and earlier versions
- Illustrator 2025 29.6.1 and earlier versions
- Illustrator 2024 28.7.8 and earlier versions
- Photoshop 2025 26.8 and earlier versions
- Photoshop 2024 25.12.3 and earlier versions
- Adobe Substance 3D Modeler 1.22.0 and earlier versions
- Adobe Substance 3D Painter 11.0.2 and earlier versions
- Adobe Substance 3D Sampler 5.0.3 and earlier versions
- Adobe InDesign ID20.4 and earlier versions
- Adobe InDesign ID19.5.4 and earlier versions
- Adobe InCopy 20.4 and earlier versions
- Adobe InCopy 19.5.4 and earlier versions
- Adobe Substance 3D Stager 3.1.3 and earlier versions
- Adobe FrameMaker 2020 Release Update 8 and earlier versions
- Adobe FrameMaker 2022 Release Update 6 and earlier versions
- Adobe Dimension 4.1.3 and earlier versions
- Adobe Experience Manager (AEM) Forms on JEE 6.5.23.0 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update.
Vulnerability Identifier
Source
Related Link
Related Tags
Share with