Check Point Advisories

Adobe Multiple Products Remote Code Execution (CVE-2025-54236)

Check Point Reference: CPAI-2025-4987
Date Published: 23 Oct 2025
Severity: Critical
Last Updated: Wednesday 26 November, 2025
Source:
Industry Reference:CVE-2025-54236
Protection Provided by:

Security Gateway
R81, R80, R77, R75
Who is Vulnerable? Adobe Commerce 2.4.4
Adobe Commerce 2.4.4 p1
Adobe Commerce 2.4.4 p10
Adobe Commerce 2.4.4 p11
Adobe Commerce 2.4.4 p12
Adobe Commerce 2.4.4 p13
Adobe Commerce 2.4.4 p14
Adobe Commerce 2.4.4 p15
Adobe Commerce 2.4.4 p2
Adobe Commerce 2.4.4 p3
Adobe Commerce 2.4.4 p4
Adobe Commerce 2.4.4 p5
Adobe Commerce 2.4.4 p6
Adobe Commerce 2.4.4 p7
Adobe Commerce 2.4.4 p8
Adobe Commerce 2.4.4 p9
Adobe Commerce 2.4.5
Adobe Commerce 2.4.5 p1
Adobe Commerce 2.4.5 p10
Adobe Commerce 2.4.5 p11
Adobe Commerce 2.4.5 p12
Adobe Commerce 2.4.5 p13
Adobe Commerce 2.4.5 p14
Adobe Commerce 2.4.5 p2
Adobe Commerce 2.4.5 p3
Adobe Commerce 2.4.5 p4
Adobe Commerce 2.4.5 p5
Adobe Commerce 2.4.5 p6
Adobe Commerce 2.4.5 p7
Adobe Commerce 2.4.5 p8
Adobe Commerce 2.4.5 p9
Adobe Commerce 2.4.6
Adobe Commerce 2.4.6 p1
Adobe Commerce 2.4.6 p10
Adobe Commerce 2.4.6 p11
Adobe Commerce 2.4.6 p12
Adobe Commerce 2.4.6 p2
Adobe Commerce 2.4.6 p3
Adobe Commerce 2.4.6 p4
Adobe Commerce 2.4.6 p5
Adobe Commerce 2.4.6 p6
Adobe Commerce 2.4.6 p7
Adobe Commerce 2.4.6 p8
Adobe Commerce 2.4.6 p9
Adobe Commerce 2.4.7
Adobe Commerce 2.4.7 b1
Adobe Commerce 2.4.7 b2
Adobe Commerce 2.4.7 beta3
Adobe Commerce 2.4.7 p1
Adobe Commerce 2.4.7 p2
Adobe Commerce 2.4.7 p3
Adobe Commerce 2.4.7 p4
Adobe Commerce 2.4.7 p5
Adobe Commerce 2.4.7 p6
Adobe Commerce 2.4.7 p7
Adobe Commerce 2.4.8
Adobe Commerce 2.4.8 beta1
Adobe Commerce 2.4.8 beta2
Adobe Commerce 2.4.8 p1
Adobe Commerce 2.4.8 p2
Adobe Commerce 2.4.9 alpha1
Adobe Commerce 2.4.9 alpha2
Adobe Commerce B2B 1.3.3
Adobe Commerce B2B 1.3.3 p1
Adobe Commerce B2B 1.3.3 p10
Adobe Commerce B2B 1.3.3 p11
Adobe Commerce B2B 1.3.3 p12
Adobe Commerce B2B 1.3.3 p13
Adobe Commerce B2B 1.3.3 p14
Adobe Commerce B2B 1.3.3 p15
Adobe Commerce B2B 1.3.3 p2
Adobe Commerce B2B 1.3.3 p3
Adobe Commerce B2B 1.3.3 p4
Adobe Commerce B2B 1.3.3 p5
Adobe Commerce B2B 1.3.3 p6
Adobe Commerce B2B 1.3.3 p7
Adobe Commerce B2B 1.3.3 p8
Adobe Commerce B2B 1.3.3 p9
Adobe Commerce B2B 1.3.4
Adobe Commerce B2B 1.3.4 p1
Adobe Commerce B2B 1.3.4 p10
Adobe Commerce B2B 1.3.4 p11
Adobe Commerce B2B 1.3.4 p12
Adobe Commerce B2B 1.3.4 p13
Adobe Commerce B2B 1.3.4 p14
Adobe Commerce B2B 1.3.4 p2
Adobe Commerce B2B 1.3.4 p3
Adobe Commerce B2B 1.3.4 p4
Adobe Commerce B2B 1.3.4 p5
Adobe Commerce B2B 1.3.4 p6
Adobe Commerce B2B 1.3.4 p7
Adobe Commerce B2B 1.3.4 p8
Adobe Commerce B2B 1.3.4 p9
Adobe Commerce B2B 1.4.2
Adobe Commerce B2B 1.4.2 p1
Adobe Commerce B2B 1.4.2 p2
Adobe Commerce B2B 1.4.2 p3
Adobe Commerce B2B 1.4.2 p4
Adobe Commerce B2B 1.4.2 p5
Adobe Commerce B2B 1.4.2 p6
Adobe Commerce B2B 1.4.2 p7
Adobe Commerce B2B 1.5.2
Adobe Commerce B2B 1.5.2 p1
Adobe Commerce B2B 1.5.2 p2
Adobe Commerce B2B 1.5.3 alpha1
Adobe Commerce B2B 1.5.3 alpha2
Adobe Magento 2.4.5
Adobe Magento 2.4.5 p1
Adobe Magento 2.4.5 p10
Adobe Magento 2.4.5 p11
Adobe Magento 2.4.5 p12
Adobe Magento 2.4.5 p13
Adobe Magento 2.4.5 p14
Adobe Magento 2.4.5 p2
Adobe Magento 2.4.5 p3
Adobe Magento 2.4.5 p4
Adobe Magento 2.4.5 p5
Vulnerability Description A remote code execution vulnerability exists in multiple Adobe products. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.

Protection Overview

This protection detects attempts to exploit this vulnerability.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R81 / R80 / R77 / R75

  1. In the IPS tab, click Protections and find the Adobe Multiple Products Remote Code Execution (CVE-2025-54236) protection using the Search tool and Edit the protection's settings.
  2. Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name:  Adobe Products Violation.
Attack Information:  Adobe Multiple Products Remote Code Execution (CVE-2025-54236)

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK