Alert GCSA-25118 - Adobe Security Bulletin - Ottobre 2025
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-25118
Data: 15 Ottobre 2025
Titolo: Adobe Security Bulletin - Ottobre 2025
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato i seguenti aggiornamenti di sicurezza:
APSB25-70 : Security update available for Adobe Connect
APSB25-94 : Security update available for Adobe Commerce
APSB25-95 : Security update available for Adobe Creative Cloud Desktop
APSB25-96 : Security update available for Adobe Bridge
APSB25-97 : Security update available for Adobe Animate
APSB25-98 : Security update available for Adobe Experience Manager Screens
APSB25-99 : Security update available for Adobe Substance 3D Viewer
APSB25-100 : Security update available for Adobe Substance 3D Modeler
APSB25-101 : Security update available for Adobe FrameMaker
APSB25-102 : Security update available for Adobe Illustrator
APSB25-103 : Security update available for Adobe Dimension
APSB25-104 : Security update available for Adobe Substance 3D Stager
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Adobe Connect 12.9 e versioni precedenti
Adobe Commerce 2.4.9-alpha2 e versioni precedenti
Adobe Commerce 2.4.8-p2 e versioni precedenti
Adobe Commerce 2.4.7-p7 e versioni precedenti
Adobe Commerce 2.4.6-p12 e versioni precedenti
Adobe Commerce 2.4.5-p14 e versioni precedenti
Adobe Commerce 2.4.4-p15 e versioni precedenti
Adobe Commerce B2B 1.5.3-alpha2 e versioni precedenti
Adobe Commerce B2B 1.5.2-p2 e versioni precedenti
Adobe Commerce B2B 1.4.2-p7 e versioni precedenti
Adobe Commerce B2B 1.3.5-p12 e versioni precedenti
Adobe Commerce B2B 1.3.4-p14 e versioni precedenti
Adobe Commerce B2B 1.3.3-p15 e versioni precedenti
Magento Open Source 2.4.9-alpha2 e versioni precedenti
Magento Open Source 2.4.8-p2 e versioni precedenti
Magento Open Source 2.4.7-p7 e versioni precedenti
Magento Open Source 2.4.6-p12 e versioni precedenti
Magento Open Source 2.4.5-p14 e versioni precedenti
Creative Cloud Desktop Application 6.7.0.278 e versioni precedenti
Adobe Bridge 14.1.8 (LTS) e versioni precedenti
Adobe Bridge 15.1.1 e versioni precedenti
Adobe Animate 2023 23.0.13 e versioni precedenti
Adobe Animate 2024 24.0.10 e versioni precedenti
Adobe Experience Manager (AEM) Screens AEM 6.5.22 Screens FP11.6
Adobe Substance 3D Viewer 0.25.2 e versioni precedenti
Adobe Substance 3D Modeler 1.22.3 e versioni precedenti
Adobe FrameMaker 2020 Release Update 9 e versioni precedenti
Adobe FrameMaker 2022 Release Update 7 e versioni precedenti
Illustrator 2025 29.7 e versioni precedenti
Illustrator 2024 28.7.9 e versioni precedenti
Adobe Dimension 4.1.4 e versioni precedenti
Adobe Substance 3D Stager 3.1.4 e versioni precedenti
:: Impatto
Remote Code Execution
Denial of Service
Data Manipulation
Security Restriction Bypass
Information Disclosure
Elevation of Privilege
Cross-Site Scripting
:: Soluzioni
Aggiornare i software all'ultima versione:
Adobe Connect 12.10
Adobe Commerce 2.4.9-alpha2
Adobe Commerce 2.4.8-p3
Adobe Commerce 2.4.7-p8
Adobe Commerce 2.4.6-p13
Adobe Commerce 2.4.5-p15
Adobe Commerce 2.4.4 p16
Adobe Commerce B2B 1.5.3-alpha3
Adobe Commerce B2B 1.5.2-p3
Adobe Commerce B2B 1.4.2-p8
Adobe Commerce B2B 1.3.4-p13
Adobe Commerce B2B 1.3.3-p14
Adobe Commerce B2B 1.3.3-p16
Magento Open Source 2.4.9-alpha3
Magento Open Source 2.4.8-p3
Magento Open Source 2.4.7-p8
Magento Open Source 2.4.6-p13
Magento Open Source 2.4.5-p15
Creative Cloud Desktop Application 6.8.0.821
Adobe Bridge 14.1.9 (LTS)
Adobe Bridge 15.1.2
Adobe Animate 2023 23.0.15
Adobe Animate 2024 24.0.12
Adobe Experience Manager (AEM) Screens AEM 6.5.22 Screens FP11.7
Adobe Substance 3D Viewer 0.25.3
Adobe Substance 3D Modeler 1.22.4
Adobe FrameMaker 2020 Release Update 10
Adobe FrameMaker 2022 Release Update 8
Illustrator 2025 29.8
Illustrator 2024 28.7.10
Adobe Dimension 4.1.5
Adobe Substance 3D Stager 3.1.5
:: Riferimenti
Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/security-bulletin.html
https://helpx.adobe.com/security/products/connect/apsb25-70.html
https://helpx.adobe.com/security/products/magento/apsb25-94.html
https://helpx.adobe.com/security/products/creative-cloud/apsb25-95.html
https://helpx.adobe.com/security/products/bridge/apsb25-96.html
https://helpx.adobe.com/security/products/animate/apsb25-97.html
https://helpx.adobe.com/security/products/aem-screens/apsb25-98.html
https://helpx.adobe.com/security/products/substance3d-viewer/apsb25-99.html
https://helpx.adobe.com/security/products/substance3d-modeler/apsb25-100.html
https://helpx.adobe.com/security/products/framemaker/apsb25-101.html
https://helpx.adobe.com/security/products/illustrator/apsb25-102.html
https://helpx.adobe.com/security/products/dimension/apsb25-103.html
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-104.html
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21127
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21122
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21128
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21129
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21130
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21131
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21132
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21133
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21134
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21135
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21136
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21137
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21138
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21139
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaO9t4A0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCXMkAoK0H3sa/wwHjRJB9eVNGOnSpafHPAJ4v4qLyRqGk
FrwUsHhGDA7kUx2oMQ==
=tV2s
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-25118
Data: 15 Ottobre 2025
Titolo: Adobe Security Bulletin - Ottobre 2025
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato i seguenti aggiornamenti di sicurezza:
APSB25-70 : Security update available for Adobe Connect
APSB25-94 : Security update available for Adobe Commerce
APSB25-95 : Security update available for Adobe Creative Cloud Desktop
APSB25-96 : Security update available for Adobe Bridge
APSB25-97 : Security update available for Adobe Animate
APSB25-98 : Security update available for Adobe Experience Manager Screens
APSB25-99 : Security update available for Adobe Substance 3D Viewer
APSB25-100 : Security update available for Adobe Substance 3D Modeler
APSB25-101 : Security update available for Adobe FrameMaker
APSB25-102 : Security update available for Adobe Illustrator
APSB25-103 : Security update available for Adobe Dimension
APSB25-104 : Security update available for Adobe Substance 3D Stager
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Adobe Connect 12.9 e versioni precedenti
Adobe Commerce 2.4.9-alpha2 e versioni precedenti
Adobe Commerce 2.4.8-p2 e versioni precedenti
Adobe Commerce 2.4.7-p7 e versioni precedenti
Adobe Commerce 2.4.6-p12 e versioni precedenti
Adobe Commerce 2.4.5-p14 e versioni precedenti
Adobe Commerce 2.4.4-p15 e versioni precedenti
Adobe Commerce B2B 1.5.3-alpha2 e versioni precedenti
Adobe Commerce B2B 1.5.2-p2 e versioni precedenti
Adobe Commerce B2B 1.4.2-p7 e versioni precedenti
Adobe Commerce B2B 1.3.5-p12 e versioni precedenti
Adobe Commerce B2B 1.3.4-p14 e versioni precedenti
Adobe Commerce B2B 1.3.3-p15 e versioni precedenti
Magento Open Source 2.4.9-alpha2 e versioni precedenti
Magento Open Source 2.4.8-p2 e versioni precedenti
Magento Open Source 2.4.7-p7 e versioni precedenti
Magento Open Source 2.4.6-p12 e versioni precedenti
Magento Open Source 2.4.5-p14 e versioni precedenti
Creative Cloud Desktop Application 6.7.0.278 e versioni precedenti
Adobe Bridge 14.1.8 (LTS) e versioni precedenti
Adobe Bridge 15.1.1 e versioni precedenti
Adobe Animate 2023 23.0.13 e versioni precedenti
Adobe Animate 2024 24.0.10 e versioni precedenti
Adobe Experience Manager (AEM) Screens AEM 6.5.22 Screens FP11.6
Adobe Substance 3D Viewer 0.25.2 e versioni precedenti
Adobe Substance 3D Modeler 1.22.3 e versioni precedenti
Adobe FrameMaker 2020 Release Update 9 e versioni precedenti
Adobe FrameMaker 2022 Release Update 7 e versioni precedenti
Illustrator 2025 29.7 e versioni precedenti
Illustrator 2024 28.7.9 e versioni precedenti
Adobe Dimension 4.1.4 e versioni precedenti
Adobe Substance 3D Stager 3.1.4 e versioni precedenti
:: Impatto
Remote Code Execution
Denial of Service
Data Manipulation
Security Restriction Bypass
Information Disclosure
Elevation of Privilege
Cross-Site Scripting
:: Soluzioni
Aggiornare i software all'ultima versione:
Adobe Connect 12.10
Adobe Commerce 2.4.9-alpha2
Adobe Commerce 2.4.8-p3
Adobe Commerce 2.4.7-p8
Adobe Commerce 2.4.6-p13
Adobe Commerce 2.4.5-p15
Adobe Commerce 2.4.4 p16
Adobe Commerce B2B 1.5.3-alpha3
Adobe Commerce B2B 1.5.2-p3
Adobe Commerce B2B 1.4.2-p8
Adobe Commerce B2B 1.3.4-p13
Adobe Commerce B2B 1.3.3-p14
Adobe Commerce B2B 1.3.3-p16
Magento Open Source 2.4.9-alpha3
Magento Open Source 2.4.8-p3
Magento Open Source 2.4.7-p8
Magento Open Source 2.4.6-p13
Magento Open Source 2.4.5-p15
Creative Cloud Desktop Application 6.8.0.821
Adobe Bridge 14.1.9 (LTS)
Adobe Bridge 15.1.2
Adobe Animate 2023 23.0.15
Adobe Animate 2024 24.0.12
Adobe Experience Manager (AEM) Screens AEM 6.5.22 Screens FP11.7
Adobe Substance 3D Viewer 0.25.3
Adobe Substance 3D Modeler 1.22.4
Adobe FrameMaker 2020 Release Update 10
Adobe FrameMaker 2022 Release Update 8
Illustrator 2025 29.8
Illustrator 2024 28.7.10
Adobe Dimension 4.1.5
Adobe Substance 3D Stager 3.1.5
:: Riferimenti
Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/security-bulletin.html
https://helpx.adobe.com/security/products/connect/apsb25-70.html
https://helpx.adobe.com/security/products/magento/apsb25-94.html
https://helpx.adobe.com/security/products/creative-cloud/apsb25-95.html
https://helpx.adobe.com/security/products/bridge/apsb25-96.html
https://helpx.adobe.com/security/products/animate/apsb25-97.html
https://helpx.adobe.com/security/products/aem-screens/apsb25-98.html
https://helpx.adobe.com/security/products/substance3d-viewer/apsb25-99.html
https://helpx.adobe.com/security/products/substance3d-modeler/apsb25-100.html
https://helpx.adobe.com/security/products/framemaker/apsb25-101.html
https://helpx.adobe.com/security/products/illustrator/apsb25-102.html
https://helpx.adobe.com/security/products/dimension/apsb25-103.html
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-104.html
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21127
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21122
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21128
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21129
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21130
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21131
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21132
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21133
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21134
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21135
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21136
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21137
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21138
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21139
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaO9t4A0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCXMkAoK0H3sa/wwHjRJB9eVNGOnSpafHPAJ4v4qLyRqGk
FrwUsHhGDA7kUx2oMQ==
=tV2s
-----END PGP SIGNATURE-----