CVE-2025-30304: 
Adobe Framemaker vulnerability analysis and mitigation

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an out-of-bounds write vulnerability identified as CVE-2025-30304. The vulnerability was discovered and disclosed on April 8, 2025, requiring user interaction through opening a malicious file to be exploited (NVD, Adobe Advisory).

The vulnerability is classified as an out-of-bounds write (CWE-787) with a CVSS v3.1 base score of 7.8 (High). The attack vector is local (AV:L), with low attack complexity (AC:L), requiring no privileges (PR:N) but user interaction (UI:R). The scope is unchanged (S:U), with high impacts on confidentiality, integrity, and availability (C:H/I:H/A:H) (NVD).

If successfully exploited, this vulnerability could result in arbitrary code execution in the context of the current user, potentially allowing an attacker to execute malicious code with the same privileges as the victim (NVD).

Adobe has released security updates to address this vulnerability. Users of affected versions should update their installations to the latest version to protect against potential threats (Adobe Advisory).