An Adobe Reader zero day is being abused in the wild – and used to deliver a three-stage exploit chain in PDF attachments, say security researchers.
The critical vulnerability, which does not yet have a patch or CVE allocated, was spotted by prolific bug hunter Haifei Li – who shared details on April 7.
It allows hackers to “execute privileged Acrobat APIs,” Li said. Disabling JS on Adobe Reader is one simple initial mitigation to avoid exploitation.
The bug is “highly sophisticated” Li said – even the initial exploit is “fully capable of stealing a wide range of sensitive data from the local system.”
Li said they have confirmed that the ‘fingerprinting’ exploit uses a “zero-day/unpatched vulnerability that works on the latest version of Adobe Reader without requiring any user interaction beyond opening a PDF file.”
(Li is a widely respected security researcher with an extensive and impressive list of CVEs across Adobe, Google, Microsoft and beyond.)
“Even more concerning, this exploit allows the threat actor to not only collect/steal local information but also potentially launch subsequent RCE/SBX attacks, which could lead to full control of the victim's system.”
The initial exploit results in malware that calls a C2 server (the IP addresses 188.214.34.20:34123 and 169.40.2.68:45191 have been found in samples), presumably to deliver further payloads, although these had not been identified or reverse-engineered as of The Stack’s publication today. Li’s analysis suggests that exploitation in the wild has been ongoing since December 2025.
Adobe PSIRT did not respond to our request for comment.
A security researcher going by @Gi7w0rm said they had seen a “3 step exploit chain” in malicious PDFs used in the campaign: “Step 1: An improper input sanitisation in "ANFancyAlertImpl". Step 2: Improper Trust Boundary enforcement between "ANShareFile" and "SilentDocCenterLogin". Step 3: A Prototype pollution in "SilentDocCenterLogin" related to .swConn.”
“This is used to enable full control over Adobe Reader's privileged API surface. Including Arbitrary file read/write via `util.readFileIntoStream` - Network communication via `RSS.addFeed` (abused for C2), filesystem probing via `Collab.isDocReadOnly` [and] process information via `app.plugIns`, `app.viewerVersion`, etc.” @Gi7w0rm posted on X.
(Whilst we are sometimes leery of posting unverified claims by pseudonymous researchers unless they are as well known as the likes of The Grugq, @Gi7w0rm’s track record spans early identification of the “Quad7” TP-Link router exploitation and the Arechclient2 .NET RAT.)
Li urged organisations not to open PDFs from untrusted contacts until a patch is released – and added that network defenders can potentially mitigate attacks by monitoring for and blocking HTTP/HTTPS traffic containing the "Adobe Synchronizer" string in the User-Agent header.
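One way to act on that advice at the proxy, as an added example that is not from the article or the researchers it quotes: scan web-proxy log lines for the "Adobe Synchronizer" User-Agent string and for connections to the two C2 endpoints named above. The log layout (client, timestamp, request line, status, user-agent) and the sample lines are constructed for this example; a hit is a finding for analyst review, not proof of compromise.

```python
import re
from typing import Optional

# Indicators taken from the article: the User-Agent string Li suggested
# monitoring for, and the two C2 endpoints observed in samples.
SUSPECT_USER_AGENT = "Adobe Synchronizer"
KNOWN_C2 = {"188.214.34.20:34123", "169.40.2.68:45191"}

# Constructed proxy log lines (assumed layout: client - [time] "request" status "ua").
SAMPLE_LOG = """\
10.0.0.12 - [07/Apr/2026:10:01:02] "GET http://188.214.34.20:34123/feed HTTP/1.1" 200 "Adobe Synchronizer"
10.0.0.12 - [07/Apr/2026:10:01:05] "GET https://example.org/ HTTP/1.1" 200 "Mozilla/5.0"
10.0.0.31 - [07/Apr/2026:10:03:17] "POST http://203.0.113.9:8080/x HTTP/1.1" 200 "Adobe Synchronizer/1.0"
10.0.0.44 - [07/Apr/2026:10:04:00] "GET http://169.40.2.68:45191/ HTTP/1.1" 200 "curl/8.0"
"""

LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<url>\S+) \S+" \d+ "(?P<ua>[^"]*)"$'
)
HOSTPORT_RE = re.compile(r"^https?://([^/]+)")


def classify(line: str) -> Optional[dict]:
    """Return a finding for one log line, or None when nothing matches."""
    m = LINE_RE.match(line)
    if not m:
        return None  # unparseable line: skip rather than guess
    reasons = []
    # Case-insensitive substring match so a versioned UA ("…/1.0") still hits.
    if SUSPECT_USER_AGENT.lower() in m["ua"].lower():
        reasons.append("user-agent")
    hp = HOSTPORT_RE.match(m["url"])
    if hp and hp.group(1) in KNOWN_C2:
        reasons.append("known-c2")
    if not reasons:
        return None
    return {"src": m["src"], "dst": hp.group(1) if hp else m["url"], "reasons": reasons}


def scan(log_text: str) -> list:
    """Run classify() over every line and keep only the findings."""
    return [f for f in (classify(l) for l in log_text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```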