Alert GCSA-25020 - Adobe Security Bulletin - Febbraio 2025
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-25020
Data: 12 Febbraio 2025
Titolo: Adobe Security Bulletin - Febbraio 2025
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato i seguenti aggiornamenti di sicurezza:
APSB25-01 : Security update available for Adobe InDesign
APSB25-08 : Security update available for Adobe Commerce
APSB25-09 : Security update available for Adobe Substance 3D Stager
APSB25-10 : Security update available for Adobe InCopy
APSB25-11 : Security update available for Adobe Illustrator
APSB25-12 : Security update available for Adobe Substance 3D Designer
APSB25-13 : Security update available for Adobe Photoshop Elements
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Adobe InDesign
Adobe Commerce
Adobe Commerce B2B
Magento Open Source
Adobe Substance 3D Stager
Adobe InCopy
Illustrator 2024
Illustrator 2025
Adobe Substance 3D Designer
Photoshop Elements
:: Impatto
Esecuzione remota di codice arbitrario (RCE)
Acquisizione di privilegi piu' elevati (EoP)
Bypass delle restrizioni di sicurezza (SRB)
:: Soluzioni
Aggiornare i software all'ultima versione:
Adobe InDesign ID20.1, ID19.5.2
Adobe Commerce 2.4.8-beta2, 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12
Adobe Commerce B2B 1.5.1, 1.4.2-p4, 1.3.5-p9, 1.3.4-p10, 1.3.3-p12
Magento Open Source 2.4.8-beta2, 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12
Adobe Substance 3D Stager 3.1.1
Adobe InCopy 20.1, 19.5.2
Illustrator 2024 28.7.4
Illustrator 2025 29.2.1
Adobe Substance 3D Designer 14.1
Photoshop Elements 2025.1 [build: 20250124.PSE.f552973b, 20250124.PSE.5345f07d (Mac ARM)]
:: Riferimenti
Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/security-bulletin.html
https://helpx.adobe.com/security/Home.html
https://helpx.adobe.com/security/products/indesign/apsb25-01.html
https://helpx.adobe.com/security/products/magento/apsb25-08.html
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-09.html
https://helpx.adobe.com/security/products/incopy/apsb25-10.html
https://helpx.adobe.com/security/products/illustrator/apsb25-11.html
https://helpx.adobe.com/security/products/substance3d_designer/apsb25-12.html
https://helpx.adobe.com/security/products/photoshop_elements/apsb25-13.html
CSIRT Italia
https://www.acn.gov.it/portale/w/adobe-aggiornamenti-di-sicurezza
CIS - Center for Interner Security
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-adobe-products-could-allow-for-arbitrary-code-execution_2025-015
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21121
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21123
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21125
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21126
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21155
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21156
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21157
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21158
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21159
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21160
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21161
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21162
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21163
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24406
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24407
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24409
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24410
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24411
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24412
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24413
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24414
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24415
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24416
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24418
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24419
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24420
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24421
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24422
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24423
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24424
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24425
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24426
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24427
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24428
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24429
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24430
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24432
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24434
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24435
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24436
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24437
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24438
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZ62g6QAKCRDBnEyTZRJg
QlIbAKDZnUsssxVPfF96ip/LtDC/k6jeBACbBHCsYqU/yohzi8g8aE1y59ijvAE=
=JkZb
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-25020
Data: 12 Febbraio 2025
Titolo: Adobe Security Bulletin - Febbraio 2025
******************************************************************
:: Descrizione del problema
Adobe ha rilasciato i seguenti aggiornamenti di sicurezza:
APSB25-01 : Security update available for Adobe InDesign
APSB25-08 : Security update available for Adobe Commerce
APSB25-09 : Security update available for Adobe Substance 3D Stager
APSB25-10 : Security update available for Adobe InCopy
APSB25-11 : Security update available for Adobe Illustrator
APSB25-12 : Security update available for Adobe Substance 3D Designer
APSB25-13 : Security update available for Adobe Photoshop Elements
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Adobe InDesign
Adobe Commerce
Adobe Commerce B2B
Magento Open Source
Adobe Substance 3D Stager
Adobe InCopy
Illustrator 2024
Illustrator 2025
Adobe Substance 3D Designer
Photoshop Elements
:: Impatto
Esecuzione remota di codice arbitrario (RCE)
Acquisizione di privilegi piu' elevati (EoP)
Bypass delle restrizioni di sicurezza (SRB)
:: Soluzioni
Aggiornare i software all'ultima versione:
Adobe InDesign ID20.1, ID19.5.2
Adobe Commerce 2.4.8-beta2, 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12
Adobe Commerce B2B 1.5.1, 1.4.2-p4, 1.3.5-p9, 1.3.4-p10, 1.3.3-p12
Magento Open Source 2.4.8-beta2, 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12
Adobe Substance 3D Stager 3.1.1
Adobe InCopy 20.1, 19.5.2
Illustrator 2024 28.7.4
Illustrator 2025 29.2.1
Adobe Substance 3D Designer 14.1
Photoshop Elements 2025.1 [build: 20250124.PSE.f552973b, 20250124.PSE.5345f07d (Mac ARM)]
:: Riferimenti
Adobe Security Bulletins e Advisories
https://helpx.adobe.com/security/security-bulletin.html
https://helpx.adobe.com/security/Home.html
https://helpx.adobe.com/security/products/indesign/apsb25-01.html
https://helpx.adobe.com/security/products/magento/apsb25-08.html
https://helpx.adobe.com/security/products/substance3d_stager/apsb25-09.html
https://helpx.adobe.com/security/products/incopy/apsb25-10.html
https://helpx.adobe.com/security/products/illustrator/apsb25-11.html
https://helpx.adobe.com/security/products/substance3d_designer/apsb25-12.html
https://helpx.adobe.com/security/products/photoshop_elements/apsb25-13.html
CSIRT Italia
https://www.acn.gov.it/portale/w/adobe-aggiornamenti-di-sicurezza
CIS - Center for Interner Security
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-adobe-products-could-allow-for-arbitrary-code-execution_2025-015
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21121
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21123
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21124
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21125
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21126
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21155
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21156
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21157
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21158
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21159
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21160
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21161
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21162
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21163
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24406
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24407
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24409
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24410
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24411
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24412
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24413
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24414
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24415
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24416
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24417
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24418
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24419
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24420
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24421
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24422
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24423
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24424
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24425
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24426
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24427
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24428
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24429
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24430
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24432
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24434
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24435
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24436
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24437
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24438
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZ62g6QAKCRDBnEyTZRJg
QlIbAKDZnUsssxVPfF96ip/LtDC/k6jeBACbBHCsYqU/yohzi8g8aE1y59ijvAE=
=JkZb
-----END PGP SIGNATURE-----