Serial number: AV25-583
Date: September 10, 2025
Updated: October 23, 2025
On September 9, 2025, Adobe published security advisories to address vulnerabilities in the following products:
- Acrobat DC – version Win – 25.001.20672, Mac – 25.001.20668 and prior
- Acrobat Reader DC – version Win – 25.001.20672, Mac – 25.001.20668 and prior
- Acrobat 2024 – version Win & Mac – 24.001.30254 and prior
- Acrobat 2020 – version Win & Mac – 20.005.30774 and prior
- Acrobat Reader 2020 – version Win & Mac – 20.005.30774 and prior
- Adobe After Effects – version 24.6.7 and prior
- Adobe After Effects – version 25.3 and prior
- Adobe Premiere Pro – version 25.3 and prior
- Adobe Premiere Pro – version 24.6.5 and prior
- Adobe Commerce – multiple versions
- Adobe Commerce B2B – multiple versions
- Magento Open Source – multiple versions
- Adobe Substance 3D Viewer – version 0.25.1 and prior
- Adobe Experience Manager (AEM) – version AEM Cloud Service (CS)
- Adobe Experience Manager (AEM) version 6.5 LTS SP1 and prior
- Adobe Experience Manager (AEM) – version 6.5.23 and prior
- Adobe Dreamweaver – version 21.5 and prior
- Adobe Substance 3D Modeler – version 1.22.2 and prior
- ColdFusion 2025 – version Update 3 and prior
- ColdFusion 2023 – version Update 15 and prior
- ColdFusion 2021 – version Update 21 and prior
Update 1
On October 22, 2025, the Cyber Centre became aware of open-source reporting that CVE-2025-54236 affecting Adobe Commerce is being actively exploited in the wild.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.