BDU:2024-01464

BDU

HighConfirmedExploit available

Уязвимость программ просмотра и редактирования PDF-файлов Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat …

CVSS

8.8

High

EPSS

0.00

Published

2024-01-01

Updated

2024-01-01

Description

Уязвимость программ просмотра и редактирования PDF-файлов Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, Adobe Acrobat Reader 2020 связана с использованием памяти после ее освобождения. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить произвольный код с помощью специально созданного файла

Tags · CWE

Pre-auth

Affected products

Adobe systems inc. Adobe acrobat 2020Adobe systems inc. Adobe acrobat 2020Adobe systems inc. Adobe acrobat document cloudAdobe systems inc. Adobe acrobat document cloudAdobe systems inc. Adobe acrobat reader 2020Adobe systems inc. Adobe acrobat reader 2020Adobe systems inc. Adobe acrobat reader document cloudAdobe systems inc. Adobe acrobat reader document cloud

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Timeline

2024-01-01

Published

2024-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: R

Required (R)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: H

High (H)

Integrity Impact

I: H

High (H)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.000 · p0

Known exploited (KEV)

Known exploits — Сканер-ВС

BDU:2024-01464

bdu_exploit · https://bdu.fstec.ru/vul

Enterprise

Affected products

Adobe

Adobe Acrobat Document Cloud Adobe Acrobat Reader Document Cloud Adobe Acrobat Reader 2020 Adobe Acrobat 2020

Product	Vendor	Status
adobe acrobat 2020	adobe systems inc.	Tracked
adobe acrobat 2020	adobe systems inc.	Tracked
adobe acrobat document cloud	adobe systems inc.	Tracked
adobe acrobat document cloud	adobe systems inc.	Tracked
adobe acrobat reader 2020	adobe systems inc.	Tracked
adobe acrobat reader 2020	adobe systems inc.	Tracked
adobe acrobat reader document cloud	adobe systems inc.	Tracked
adobe acrobat reader document cloud	adobe systems inc.	Tracked

Source databases

BDU

Related vulnerabilities

CVE-2024-20731

External references

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-20731@https://helpx.adobe.com/security/products/acrobat/apsb24-07.html@http://talosintelligence.com/reports/TALOS-2023-1901@https://helpx.adobe.com/security/products/acrobat/apsb24-07.html@https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1901@https://safe-surf.ru/upload/VULN-new/VULN.2024-02-16.1.pdf