1. Home
  2. CVE Database
  3. CVE-2025-54255
MEDIUM · 4.0

CVE-2025-54255

Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Violation of Secure Design Principles vulnerability that could result in a security feature bypass impact...

Vulnerability Description

Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Violation of Secure Design Principles vulnerability that could result in a security feature bypass impacting integrity. An attacker does not have to be authenticated. Exploitation of this issue does not require user interaction, and scope is unchanged.

CVSS Score

4.0

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
AdobeAcrobat>= 24.0.0, < 24.001.30264
AdobeAcrobat Dc>= 15.008.20082, < 25.001.20693
AdobeAcrobat Reader Dc>= 15.008.20082, < 25.001.20693
AppleMacos-
MicrosoftWindows-
AdobeAcrobat Reader>= 20.001.30002, < 20.005.30791

Related Weaknesses (CWE)

CWE-657

References

FAQ

What is CVE-2025-54255?

CVE-2025-54255 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Violation of Secure Design Principles vulnerability that could result in a security feature bypass impact...

How severe is CVE-2025-54255?

CVE-2025-54255 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-54255?

Check the references section above for vendor advisories and patch information. Affected products include: Adobe Acrobat, Adobe Acrobat Dc, Adobe Acrobat Reader Dc, Apple Macos, Microsoft Windows.