Alert GCSA-25035 - Adobe Monthly Security Update - marzo 2025


******************************************************************

Alert ID: GCSA-25035
data: 13 marzo 2025
titolo: Adobe Monthly Security Update - marzo 2025

******************************************************************

:: Descrizione del problema

Adobe ha rilasciato i seguenti aggiornamenti di sicurezza
con i quali vengono risolte 35 vulnerabilita'.

APSB25-14 Security update for Adobe Acrobat Reader
APSB25-17 Security update for Adobe Illustrator
APSB25-19 Security update for Adobe InDesign
APSB25-16 Security update for Adobe Substance 3D Sampler
APSB25-18 Security update for Adobe Substance 3D Painter
APSB25-21 Security update for Adobe Substance 3D Modeler
APSB25-22 Security update for Adobe Substance 3D Designer

Maggiori informazioni sono disponibili alla sezione "Riferimenti".


:: Software interessato

Acrobat DC 25.001.20428 e versioni precedenti
Acrobat 2024 24.001.30225 e versioni precedenti
Acrobat 2020 20.005.30748 e versioni precedenti
Acrobat Reader DC 25.001.20428 e versioni precedenti
Acrobat Reader 2020 20.005.30748 e versioni precedenti

Illustrator 2025 29.2.1 e versioni precedenti
Illustrator 2024 28.7.4 e versioni precedenti

Adobe InDesign ID20.1 e versioni precedenti
Adobe InDesign ID19.5.2 e versioni precedenti

Adobe Substance 3D Sampler 4.5.2 e versioni precedenti
Adobe Substance 3D Painter 10.1.2 e versioni precedenti
Adobe Substance 3D Modeler 1.15 e versioni precedenti
Adobe Substance 3D Designer 14.1 e versioni precedenti


:: Impatto

Esecuzione remota di codice arbitrario (RCE)
Rivelazione di informazioni (ID)
Denial of Service (DoS)


:: Soluzioni

Aggiornare i prodotti software alle versioni piu' recenti.

Acrobat DC Continuous 25.001.20432
Acrobat 2024 Classic 2024 24.001.30235
Acrobat 2020 Classic 2020 20.005.30763
Acrobat Reader DC Continuous 25.001.20432
Acrobat Reader 2020 Classic 2020 20.005.30763

Illustrator 2025 29.3 and above
Illustrator 2024 28.7.5 and above

Adobe InDesign ID20.2
Adobe InDesign ID19.5.3

Adobe Substance 3D Sampler 5.0
Adobe Substance 3D Painter 11.0
Adobe Substance 3D Modeler 1.21.0
Adobe Substance 3D Designer 14.1.1


:: Riferimenti

Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/Home.html
https://helpx.adobe.com/security.html/security/security-bulletin.html
https://helpx.adobe.com/security/products/acrobat/apsb25-14.html
https://helpx.adobe.com/security/products/illustrator/apsb25-17.html
https://helpx.adobe.com/security/products/indesign/apsb25-19.html
https://helpx.adobe.com/security/products/substance3d-sampler/apsb25-16.html
https://helpx.adobe.com/security/products/substance3d_painter/apsb25-18.html
https://helpx.adobe.com/security/products/substance3d-modeler/apsb25-21.html
https://helpx.adobe.com/security/products/substance3d_designer/apsb25-22.html

Mitre CVE
https://www.cvedetails.com/vulnerability-list.php?vendor_id=53&year=2025&month=03


GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----

iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZ9KwsQ0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCP6UAoNGMBs1/ZEuENaovfmxg8cvS3xA+AKCIU44s1szH
GV/Foqj2DlJ9AHCfXw==
=vc9b
-----END PGP SIGNATURE-----