Alert GCSA-25086 - Adobe Monthly Security Update - luglio 2025
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
alert ID: GCSA-25086
data: 10 luglio 2025
titolo: Adobe Monthly Security Update - luglio 2025
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato i seguenti aggiornamenti di sicurezza
con i quali risolve numerose vulnerabilita', di cui 35 con gravita'
e 3 con gravita' critica.
APSB25-49 : Security update available for Adobe After Effects
APSB25-54 : Security update available for Adobe Substance 3D Viewer
APSB25-56 : Security update available for Adobe Audition
APSB25-59 : Security update available for Adobe InCopy
APSB25-60 : Security update available for Adobe InDesign
APSB25-61 : Security update available for Adobe Connect
APSB25-63 : Security update available for Adobe Dimension
APSB25-64 : Security update available for Adobe Substance 3D Stager
APSB25-65 : Security update available for Adobe Illustrator
APSB25-66 : Security update available for Adobe FrameMaker
APSB25-67 : Security update available for Adobe AEM Forms
APSB25-68 : Security update available for Adobe AEM Screens
APSB25-69 : Security update available for Adobe ColdFusion
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Substance 3D Viewer, versione 0.22 e precedenti
InDesign, versione ID20.3 e precedenti (per Windows e macOS)
InDesign, versione ID19.5.3 e precedenti (per Windows e macOS)
Dimension, versione 4.1.2 e precedenti (per Windows e macOS)
Illustrator 2025, versione 29.5.1 e precedenti (per Windows e macOS)
Illustrator 2024, versione 28.7.6 e precedenti (per Windows e macOS)
FrameMaker 2020, Release Update 8 e precedenti (per Windows)
FrameMaker 2022, Release Update 6 e precedenti (per Windows)
ColdFusion 2025, Update 2 e precedenti
ColdFusion 2023, Update 14 e precedenti
ColdFusion 2021, Update 20 e precedenti
Experience Manager (AEM) Forms, versione 6.5.23.0 e precedenti
Connect, versione 24 e precedenti (per Windows)
InCopy, versione 20.3 e precedenti (per Windows e macOS)
InCopy, versione 19.5.3 e precedenti (per Windows e macOS)
:: Impatto
Esecuzione remota di codice arbitrario (RCE)
Rivelazione di informazioni (ID)
Acquisizione di privilegi piu' elevati (EoP)
Bypass delle funzionalita' di sicurezza (SFB)
:: Soluzioni
Aggiornare i prodotti alle versioni piu' recenti
Adobe Substance 3D Viewer 2.5
Adobe After Effects 24.6.7, 25.3
Adobe Audition 24.6.7, 25.3
Adobe InCopy 20.4, 19.5.4
Adobe InDesign ID20.4, ID19.5.4
Connect Windows App 25.1
Adobe Dimension 4.1.3
Adobe Substance 3D Stager 31.3
Illustrator 2025 29.6 e superiori
Illustrator 2024 28.7.8 e superiori
Adobe FrameMaker FrameMaker 2020 Update 9
Adobe FrameMaker FrameMaker 2022 Update 7
Adobe Experience Manager (AEM) Forms on JEE 6.5.0.0.20250527.0
Adobe Experience Manager (AEM) Screens AEM 6.5.22 Screens FP11.6
ColdFusion 2025 Update 3
ColdFusion 2023 Update 15
ColdFusion 2021 Update 21
:: Riferimenti
Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security.html
https://helpx.adobe.com/security/products/substance3d-viewer/apsb25-54.html
https://helpx.adobe.com/security/products/after_effects/apsb25-49.html
https://helpx.adobe.com/security/products/audition/apsb25-56.html
https://helpx.adobe.com/security/products/incopy/apsb25-59.html
https://helpx.adobe.com/security/products/indesign/apsb25-60.html
https://helpx.adobe.com/security/products/connect/apsb25-61.html
https://helpx.adobe.com/security/products/dimension/apsb25-63.html
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-64.html
https://helpx.adobe.com/security/products/illustrator/apsb25-65.html
https://helpx.adobe.com/security/products/framemaker/apsb25-66.html
https://helpx.adobe.com/security/products/aem-forms/apsb25-67.html
https://helpx.adobe.com/security/products/aem-screens/apsb25-68.html
https://helpx.adobe.com/security/products/coldfusion/apsb25-69.html
CSIRT Italia
https://www.acn.gov.it/portale/w/adobe-aggiornamenti-di-sicurezza-5
CVEdetails.com
https://www.cvedetails.com/vulnerability-list.php?vendor_id=53&year=2025&month=06
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaG+yygAKCRDBnEyTZRJg
QvrtAJ9ysXQGj4teKc6tJPcuEtVsob7lGQCfc+i6KHM51UoP7r3mNrTTL2rBjE4=
=3MP3
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
alert ID: GCSA-25086
data: 10 luglio 2025
titolo: Adobe Monthly Security Update - luglio 2025
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato i seguenti aggiornamenti di sicurezza
con i quali risolve numerose vulnerabilita', di cui 35 con gravita'
e 3 con gravita' critica.
APSB25-49 : Security update available for Adobe After Effects
APSB25-54 : Security update available for Adobe Substance 3D Viewer
APSB25-56 : Security update available for Adobe Audition
APSB25-59 : Security update available for Adobe InCopy
APSB25-60 : Security update available for Adobe InDesign
APSB25-61 : Security update available for Adobe Connect
APSB25-63 : Security update available for Adobe Dimension
APSB25-64 : Security update available for Adobe Substance 3D Stager
APSB25-65 : Security update available for Adobe Illustrator
APSB25-66 : Security update available for Adobe FrameMaker
APSB25-67 : Security update available for Adobe AEM Forms
APSB25-68 : Security update available for Adobe AEM Screens
APSB25-69 : Security update available for Adobe ColdFusion
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Substance 3D Viewer, versione 0.22 e precedenti
InDesign, versione ID20.3 e precedenti (per Windows e macOS)
InDesign, versione ID19.5.3 e precedenti (per Windows e macOS)
Dimension, versione 4.1.2 e precedenti (per Windows e macOS)
Illustrator 2025, versione 29.5.1 e precedenti (per Windows e macOS)
Illustrator 2024, versione 28.7.6 e precedenti (per Windows e macOS)
FrameMaker 2020, Release Update 8 e precedenti (per Windows)
FrameMaker 2022, Release Update 6 e precedenti (per Windows)
ColdFusion 2025, Update 2 e precedenti
ColdFusion 2023, Update 14 e precedenti
ColdFusion 2021, Update 20 e precedenti
Experience Manager (AEM) Forms, versione 6.5.23.0 e precedenti
Connect, versione 24 e precedenti (per Windows)
InCopy, versione 20.3 e precedenti (per Windows e macOS)
InCopy, versione 19.5.3 e precedenti (per Windows e macOS)
:: Impatto
Esecuzione remota di codice arbitrario (RCE)
Rivelazione di informazioni (ID)
Acquisizione di privilegi piu' elevati (EoP)
Bypass delle funzionalita' di sicurezza (SFB)
:: Soluzioni
Aggiornare i prodotti alle versioni piu' recenti
Adobe Substance 3D Viewer 2.5
Adobe After Effects 24.6.7, 25.3
Adobe Audition 24.6.7, 25.3
Adobe InCopy 20.4, 19.5.4
Adobe InDesign ID20.4, ID19.5.4
Connect Windows App 25.1
Adobe Dimension 4.1.3
Adobe Substance 3D Stager 31.3
Illustrator 2025 29.6 e superiori
Illustrator 2024 28.7.8 e superiori
Adobe FrameMaker FrameMaker 2020 Update 9
Adobe FrameMaker FrameMaker 2022 Update 7
Adobe Experience Manager (AEM) Forms on JEE 6.5.0.0.20250527.0
Adobe Experience Manager (AEM) Screens AEM 6.5.22 Screens FP11.6
ColdFusion 2025 Update 3
ColdFusion 2023 Update 15
ColdFusion 2021 Update 21
:: Riferimenti
Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security.html
https://helpx.adobe.com/security/products/substance3d-viewer/apsb25-54.html
https://helpx.adobe.com/security/products/after_effects/apsb25-49.html
https://helpx.adobe.com/security/products/audition/apsb25-56.html
https://helpx.adobe.com/security/products/incopy/apsb25-59.html
https://helpx.adobe.com/security/products/indesign/apsb25-60.html
https://helpx.adobe.com/security/products/connect/apsb25-61.html
https://helpx.adobe.com/security/products/dimension/apsb25-63.html
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-64.html
https://helpx.adobe.com/security/products/illustrator/apsb25-65.html
https://helpx.adobe.com/security/products/framemaker/apsb25-66.html
https://helpx.adobe.com/security/products/aem-forms/apsb25-67.html
https://helpx.adobe.com/security/products/aem-screens/apsb25-68.html
https://helpx.adobe.com/security/products/coldfusion/apsb25-69.html
CSIRT Italia
https://www.acn.gov.it/portale/w/adobe-aggiornamenti-di-sicurezza-5
CVEdetails.com
https://www.cvedetails.com/vulnerability-list.php?vendor_id=53&year=2025&month=06
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaG+yygAKCRDBnEyTZRJg
QvrtAJ9ysXQGj4teKc6tJPcuEtVsob7lGQCfc+i6KHM51UoP7r3mNrTTL2rBjE4=
=3MP3
-----END PGP SIGNATURE-----