Bulletin ID
Last updated on
Nov 11, 2025
Security update available for Adobe Pass | APSB25-112
|
|
Date Published |
Priority |
|---|---|---|
|
APSB25-112 |
November 11, 2025 |
3 |
Summary
Adobe has released a security update for Adobe Pass. This update resolves an important vulnerability that could lead to privilege escalation.
Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
Affected Versions
|
Product |
Affected Versions |
Platform |
|---|---|---|
|
Adobe Pass Authentication Android SDK |
3.7.3 and earlier versions |
Android |
Solution
Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version via the Creative Cloud desktop app's update mechanism. For more information, please reference this help page.
|
Product |
Updated Version |
Platform |
Priority rating |
|---|---|---|---|
|
Adobe Pass Authentication Android SDK |
3.8.0 |
Android |
3 |
Vulnerability Details
Vulnerability Details
|
Vulnerability Category |
Vulnerability Impact |
Severity |
CVSS base score |
CVE Numbers |
|
|
Incorrect Authorization (CWE-863) |
Privilege escalation |
Important |
6.8 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N |
CVE-2025-61830 |
Acknowledgements
Acknowledgements
Adobe would like to thank the following researcher for reporting these issues and for working with Adobe to help protect our customers:
- Ahmed Sameh (sameh-exploit1) - CVE-2025-61830
NOTE: Adobe has a public bug bounty program with HackerOne. If you are interested in working with Adobe as an external security researcher, please check out https://hackerone.com/adobe
For more information, visit https://helpx.adobe.com/security.html, or email PSIRT@adobe.com.
