CVE-2025-21133: Illustrator on iPad | Integer Underflow (Wrap or Wraparound) (CWE-191)
First published: Tue Jan 14 2025(Updated: )
Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Illustrator | <3.0.8 | |
| Adobe Illustrator on iPad | <3.0.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2025-21133?
CVE-2025-21133 is considered a high severity vulnerability due to the potential for arbitrary code execution.
How do I fix CVE-2025-21133?
To fix CVE-2025-21133, update Adobe Illustrator on iPad to version 3.0.8 or later.
What causes CVE-2025-21133?
CVE-2025-21133 is caused by an integer underflow vulnerability in Adobe Illustrator on iPad.
Who is affected by CVE-2025-21133?
Users of Adobe Illustrator on iPad versions 3.0.7 and earlier are affected by CVE-2025-21133.
Is user interaction required for CVE-2025-21133 exploitation?
Yes, exploitation of CVE-2025-21133 requires user interaction to open a malicious file.
- agent/weakness
- agent/title
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/severity
- agent/event
- agent/source
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- vendor/adobe
- canonical/adobe illustrator
- canonical/adobe illustrator on ipad