CVE-2025-61830

high

Description

Adobe Pass versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue requires user interaction in that a victim must install a malicious SDK.

References

Advisories
References

https://helpx.adobe.com/security/products/pass/apsb25-112.html

https://www.securityweek.com/adobe-patches-nearly-140-vulnerabilities/

Details

Source: Mitre, NVD

Published: 2025-11-11

Updated: 2025-11-12

Risk Information

CVSS v2

Base Score: 6.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:N

Severity: Medium

CVSS v3

Base Score: 8.4

Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00036