CVE-2025-27203

critical

Description

Adobe Connect versions 24.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does require user interaction and scope is changed.

References

Advisories
References

https://helpx.adobe.com/security/products/connect/apsb25-61.html

https://www.securityweek.com/adobe-patches-critical-code-execution-bugs/

Details

Source: Mitre, NVD

Published: 2025-07-08

Updated: 2025-07-10

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.6

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H