Adobe Acrobat Reader DC RCE Vulnerability (CVE-2023-21608)
Dark Lab on Feb 24 2023
Share:
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file by persuading a victim to open a specially-crafted document, an attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.
Adobe recommends users update their software installations to the latest versions
https://hacksys.io/blogs/adobe-reader-resetform-cagg-rce-cve-2023-21608
https://securityonline.info/poc-exploit-for-adobe-acrobat-reader-dc-rce-vulnerability-cve-2023-21608-released/
https://nvd.nist.gov/vuln/detail/CVE-2023-21608
https://helpx.adobe.com/security/products/acrobat/apsb23-01.html
Adobe recommends users update their software installations to the latest versions
https://hacksys.io/blogs/adobe-reader-resetform-cagg-rce-cve-2023-21608
https://securityonline.info/poc-exploit-for-adobe-acrobat-reader-dc-rce-vulnerability-cve-2023-21608-released/
https://nvd.nist.gov/vuln/detail/CVE-2023-21608
https://helpx.adobe.com/security/products/acrobat/apsb23-01.html