CVE-2025-27185

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-27185
After Effects versions 25.1, 24.6.4 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://helpx.adobe.com/security/products/after_effects/apsb25-23.html Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*
cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*
OR cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
History

18 Apr 2025, 14:38

Type Values Removed Values Added
CPE cpe:2.3:a:adobe:after_effects:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*
First Time Apple macos
Microsoft windows
Adobe
Microsoft
Apple
Adobe after Effects
References () https://helpx.adobe.com/security/products/after_effects/apsb25-23.html - () https://helpx.adobe.com/security/products/after_effects/apsb25-23.html - Vendor Advisory

09 Apr 2025, 20:03

Type Values Removed Values Added
Summary
  • (es) Las versiones 25.1, 24.6.4 y anteriores de After Effects se ven afectadas por una vulnerabilidad de desreferencia de puntero nulo que podría provocar una denegación de servicio (DSP) en la aplicación. Un atacante podría explotar esta vulnerabilidad para bloquear la aplicación y provocar una DSP. Para explotar este problema, es necesario que la víctima abra un archivo malicioso.

08 Apr 2025, 18:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-04-08 18:15

Updated : 2025-04-18 14:38

NVD link : CVE-2025-27185

Mitre link : CVE-2025-27185

CVE.ORG link : CVE-2025-27185

JSON object : View

Products Affected

apple

  • macos

adobe

  • after_effects

microsoft

  • windows
CWE
CWE-476

NULL Pointer Dereference