Go Ad-Free
    My Alerts
    Moneycontrol
    Moneycontrol PRO
    Loans
    Loans
    HomeTechnologyIndian Government’s security agency issues warning for these Adobe products: Warning details and tips to mitigate the threat

    Indian Government’s security agency issues warning for these Adobe products: Warning details and tips to mitigate the threat

    CERT-In has issued a medium-severity alert for multiple Adobe products, warning of security flaws that may allow code execution, data theft, or denial-of-service. Users are urged to update immediately.

    MC Tech Desk
    July 01, 2025 / 15:38 IST
    Adobe

    The Indian Computer Emergency Response Team (CERT-In), the nodal agency for cybersecurity under the Ministry of Electronics and Information Technology, has issued a security alert regarding multiple vulnerabilities in several Adobe products. Labeled with a medium severity rating, the alert (CIVN-2025-0137) was published on July 1, 2025, and targets users of Adobe’s creative and document software.

    Softwares affected

    The vulnerabilities affect a wide range of Adobe products and versions, including:

    • Adobe InCopy versions up to 20.3 and 19.5.4

    • Adobe Experience Manager (AEM) up to 6.5.23 and CS release 2025.5

    • Adobe Commerce and Commerce B2B versions before 2.4.8 and several sub-releases

    • Magento Open Source versions before 2.4.8

    • Adobe InDesign up to ID20.3 and ID19.5.4

    • Adobe Substance 3D Sampler up to 5.0.3

    • Adobe Acrobat and Reader for both Windows and Mac prior to builds 25.001.20531 and 25.001.20529

    • Acrobat 2024 and 2020 versions prior to 24.001.30254 and 20.005.30744

    • Adobe Substance 3D Painter before 11.0.2

    What’s the risk?

    CERT-In warns that these vulnerabilities could allow attackers to bypass security restrictions, execute arbitrary code, perform cross-site scripting attacks, escalate privileges, access sensitive information, or even cause denial-of-service (DoS) conditions. The flaws largely stem from memory corruption, input validation errors, and improper handling of user data.

    Who is at risk?

    The advisory is meant for system administrators, security teams, and end-users of Adobe software. It especially concerns enterprises relying on Adobe for document management, creative workflows, e-commerce, and content publishing.

    How to stay safe

    To mitigate the risk, CERT-In strongly recommends users:

    • Apply the latest security patches released by Adobe.

    • Monitor systems for unusual activity.

    • Avoid opening untrusted files or clicking suspicious links.

    • Ensure antivirus and endpoint protection solutions are active and updated.

    • Use application allowlisting to limit the execution of unapproved software.

     

    Invite your friends and family to sign up for MC Tech 3, our daily newsletter that breaks down the biggest tech and startup stories of the day

    MC Tech Desk Read the latest and trending tech news—stay updated on AI, gadgets, cybersecurity, software updates, smartphones, blockchain, space tech, and the future of innovation.
    first published: Jul 1, 2025 03:38 pm

    Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!

    Subscribe to Tech Newsletters

    • On Saturdays

      Find the best of Al News in one place, specially curated for you every weekend.

    • Daily-Weekdays

      Stay on top of the latest tech trends and biggest startup news.

    Advisory Alert: It has come to our attention that certain individuals are representing themselves as affiliates of Moneycontrol and soliciting funds on the false promise of assured returns on their investments. We wish to reiterate that Moneycontrol does not solicit funds from investors and neither does it promise any assured returns. In case you are approached by anyone making such claims, please write to us at grievanceofficer@nw18.com or call on 02268882347