Adobe Family August 2025 Security Update Advisory
Overview
Adobe (https://adobe.com) has released a security update that addresses a vulnerability in its supplied products. Users of affected systems are advised to update to the latest version.
Affected Products
Adobe FrameMaker 2020 Release Update 8 and earlier
Adobe FrameMaker 2022 Release Update 6 and earlier
Adobe Substance 3D Stager 3.1.3 and earlier
Adobe InCopy 20.4 and earlier versions
Adobe InCopy 19.5.4 and earlier
Adobe InDesign ID20.4 and earlier
Adobe InDesign ID19.5.4 and earlier
Adobe Substance 3D Painter 11.0.2 and earlier
Adobe Substance 3D Modeler 1.22.0 and earlier
Photoshop 2025 26.8 and earlier
Photoshop 2024 25.12.3 and earlier
Illustrator 2025 29.6.1 and earlier
Illustrator 2024 28.7.8 and earlier
Adobe Animate 2023 23.0.12 and earlier
Adobe Animate 2024 24.0.9 and earlier
Adobe Substance 3D Viewer 0.25 and earlier
Adobe Commerce 2.4.9-alpha1
Adobe Commerce 2.4.8-p1 and earlier
Adobe Commerce 2.4.7-p6 and earlier
Adobe Commerce 2.4.6-p11 and earlier
Adobe Commerce 2.4.5-p13 and earlier
Adobe Commerce 2.4.4-p14 and earlier
Adobe Commerce B2B 1.5.3-alpha1
Adobe Commerce B2B 1.5.2-p1 and earlier
Adobe Commerce B2B 1.4.2-p6 and earlier
Adobe Commerce B2B 1.3.5-p11 and earlier
Adobe Commerce B2B 1.3.4-p13 and earlier
Adobe Commerce B2B 1.3.3-p14 and earlier
Magento Open Source 2.4.9-alpha1
Magento Open Source 2.4.8-p1 and earlier
Magento Open Source 2.4.7-p6 and earlier
Magento Open Source 2.4.6-p11 and earlier
Magento Open Source 2.4.5-p13 and earlier
Resolved Vulnerabilities
Arbitrary code execution vulnerability due to use after free memory in Adobe FrameMaker (CVE-2025-54229)
Arbitrary code execution vulnerability due to post-free memory usage in Adobe FrameMaker (CVE-2025-54230)
Arbitrary code execution vulnerability due to post-free memory usage in Adobe FrameMaker (CVE-2025-54231)
Arbitrary code execution vulnerability due to post-free memory usage in Adobe FrameMaker (CVE-2025-54232)
Arbitrary code execution vulnerability due to out-of-bounds write in Adobe Substance 3D Stager (CVE-2025-54222)
Arbitrary code execution vulnerability due to an out-of-bounds write in Adobe InCopy (CVE-2025-54215)
Arbitrary code execution vulnerability due to out-of-bounds writes in Adobe InCopy (CVE-2025-54216)
Arbitrary code execution vulnerability due to a heap-based buffer overflow in Adobe InCopy (CVE-2025-54217)
Arbitrary code execution vulnerability due to an out-of-bounds write in Adobe InCopy (CVE-2025-54218)
Arbitrary code execution vulnerability due to a heap-based buffer overflow in Adobe InCopy (CVE-2025-54219)
Arbitrary code execution vulnerability due to heap-based buffer overflow in Adobe InCopy (CVE-2025-54220)
Arbitrary code execution vulnerability due to an out-of-bounds write in Adobe InCopy (CVE-2025-54221)
Arbitrary code execution vulnerability due to use after free memory in Adobe InCopy (CVE-2025-54223)
Arbitrary code execution vulnerability due to out-of-bounds write in Adobe InDesign (CVE-2025-54206)
Arbitrary code execution vulnerability due to uninitialized pointer access in Adobe InDesign (CVE-2025-54207)
Arbitrary code execution vulnerability due to out-of-bounds writes in Adobe InDesign (CVE-2025-54208)
Arbitrary code execution vulnerability due to a heap-based buffer overflow in Adobe InDesign (CVE-2025-54209)
Arbitrary code execution vulnerability due to an out-of-bounds write in Adobe InDesign (CVE-2025-54210)
Arbitrary code execution vulnerability due to a heap-based buffer overflow in Adobe InDesign (CVE-2025-54211)
Arbitrary code execution vulnerability due to a heap-based buffer overflow in Adobe InDesign (CVE-2025-54212)
Arbitrary code execution vulnerability due to an out-of-bounds write in Adobe InDesign (CVE-2025-54213)
Arbitrary code execution vulnerability due to use after memory release in Adobe InDesign (CVE-2025-54224)
Arbitrary code execution vulnerability due to use after free memory in Adobe InDesign (CVE-2025-54225)
Arbitrary code execution vulnerability due to post-free memory usage in Adobe InDesign (CVE-2025-54226)
Arbitrary code execution vulnerability due to out-of-bounds write in Adobe Substance 3D Painter (CVE-2025-54187)
Arbitrary code execution vulnerability due to an uncontrolled search path element in Adobe Substance 3D Modeler (CVE-2025-49571)
Arbitrary code execution vulnerability due to an out-of-bounds write in Adobe Substance 3D Modeler (CVE-2025-49572)
Arbitrary code execution vulnerability due to an out-of-bounds write in Adobe Substance 3D Modeler (CVE-2025-49573)
Arbitrary code execution vulnerability due to out-of-bounds write in Adobe Photoshop (CVE-2025-49570)
Arbitrary code execution vulnerability due to out-of-bounds writes in Adobe Illustrator (CVE-2025-49563)
Arbitrary code execution vulnerability due to a stack-based buffer overflow in Adobe Illustrator (CVE-2025-49564)
Arbitrary code execution vulnerability in Adobe Animate due to use after free memory (CVE-2025-49561)
Arbitrary code execution vulnerability due to a heap-based buffer overflow in Adobe Substance 3D Viewer (CVE-2025-49560)
Arbitrary code execution vulnerability due to an out-of-bounds write in Adobe Substance 3D Viewer (CVE-2025-49569)
Application denial of service vulnerability due to improper input validation in Adobe Commerce and Magento Open Source (CVE-2025-49554)
Privilege escalation vulnerability due to cross-site request forgery (CSRF) in Adobe Commerce and Magento Open Source (CVE-2025-49555)
Arbitrary file system read vulnerability due to improper authorization in Adobe Commerce and Magento Open Source (CVE-2025-49556)
Privilege escalation vulnerability due to stored cross-site scripting (XSS) in Adobe Commerce and Magento Open Source (CVE-2025-49557)
Vulnerability Patches
The following product-specific Vulnerability Patches were made available in the August 12, 2025 update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.
Adobe FrameMaker 2020 Release Update 9
Adobe FrameMaker 2022 Release Update 7
Adobe Substance 3D Stager 3.1.4
Adobe InCopy 20.5
Adobe InCopy 19.5.5
Adobe InDesign ID20.5
Adobe InDesign ID19.5.5
Adobe Substance 3D Painter 11.0.3
Adobe Substance 3D Modeler 1.22.2
Photoshop 2025 26.9
Photoshop 2024 25.12.4
Illustrator 2025 29.7 and later
Illustrator 2024 28.7.9 and later
Adobe Animate 2023 23.0.13
Adobe Animate 2024 24.0.10
Adobe Substance 3D Viewer 0.25.1
Adobe Commerce 2.4.9-alpha2
Adobe Commerce 2.4.8-p2
Adobe Commerce 2.4.7-p7
Adobe Commerce 2.4.6-p12
Adobe Commerce 2.4.5-p14
Adobe Commerce 2.4.4-p15
Adobe Commerce B2B 1.5.3-alpha2
Adobe Commerce B2B 1.5.2-p2
Adobe Commerce B2B 1.4.2-p7
Adobe Commerce B2B 1.3.4-p14
Adobe Commerce B2B 1.3.3-p15
Magento Open Source 2.4.9-alpha2
Magento Open Source 2.4.8-p2
Magento Open Source 2.4.7-p7
Magento Open Source 2.4.6-p12
Magento Open Source 2.4.5-p14
References
[1] Security Updates Available for Adobe FrameMaker | APSB25-83
https://helpx.adobe.com/security/products/framemaker/apsb25-83.html
[2] Security updates available for Substance 3D Stager | APSB25-81
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-81.html
[3] Security Update Available for Adobe InCopy | APSB25-80
https://helpx.adobe.com/security/products/incopy/apsb25-80.html
[4] Security Update Available for Adobe InDesign | APSB25-79
https://helpx.adobe.com/security/products/indesign/apsb25-79.html
[5] Security updates available for Substance 3D Painter | APSB25-77
https://helpx.adobe.com/security/products/substance3d_painter/apsb25-77.html
[6] Security updates available for Substance 3D Modeler | APSB25-76
https://helpx.adobe.com/security/products/substance3d-modeler/apsb25-76.html
[7] Security update available for Adobe Photoshop | APSB25-75
https://helpx.adobe.com/security/products/photoshop/apsb25-75.html
[8] Security Updates Available for Adobe Illustrator | APSB25-74
https://helpx.adobe.com/security/products/illustrator/apsb25-74.html
[9] Security updates available for Adobe Animate | APSB25-73
https://helpx.adobe.com/security/products/animate/apsb25-73.html
[10] Security updates available for Substance 3D Viewer | APSB25-72
https://helpx.adobe.com/security/products/substance3d-viewer/apsb25-72.html
[11] Security update available for Adobe Commerce | APSB25-71
https://helpx.adobe.com/security/products/magento/apsb25-71.html