- 106/2025
- Critical
Adobe has released security updates to address multiple vulnerabilities across several Adobe products.
information, bypass security restrictions, execute arbitrary code, and gain elevated privileges to the affected products.
Sample of the addressed vulnerabilities:
1. Adobe ColdFusion Improper Input Validation Vulnerability (CVE-2025- 43559):
- CVSS: 9.1
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Obtain information
2. Adobe ColdFusion Incorrect Authorization Vulnerability (CVE-2025-43565):
- CVSS: 8.4
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: High
- User Interaction: Required
- Consequences: Security Bypass
Sample of the affected products:
- Adobe ColdFusion 2025 Update 1.
- Adobe ColdFusion 2023 Update 13 and earlier versions.
- Adobe ColdFusion 2021 Update 19 and earlier versions.
- Adobe Connect.
- Adobe Illustrator.
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.