Serial number: AV25-485
Date: August 6, 2025
Updated: October 20, 2025
On August 5, 2025, Adobe published a security advisory to address critical vulnerabilities in the following product:
- Adobe Experience Manager (AEM) Forms on JEE – version 6.5.23.0 and prior
Adobe is aware that an exploit for CVE-2025-54253 and CVE-2025-54254 exists in the wild.
Update 1
On October 15, 2025, CISA released a statement indicating that CVE-2025-54253 is being actively exploited in the wild and added it to their Known Exploited Vulnerabilities (KEV) Catalog.
The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.