Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability

2023-09-13 02:57

Adobe's Patch Tuesday update for September 2023 comes with a patch for a critical actively exploited security flaw in Acrobat and Reader that could permit an attacker to execute malicious code on susceptible systems.

The vulnerability, tracked as CVE-2023-26369, is rated 7.8 for severity on the CVSS scoring system and impacts both Windows and macOS versions of Acrobat DC, Acrobat Reader DC, Acrobat 2020, and Acrobat Reader 2020.

Adobe did not disclose any additional details about the issue or the targeting involved.

"Adobe is aware that CVE-2023-26369 has been exploited in the wild in limited attacks targeting Adobe Acrobat and Reader," the company acknowledged in an advisory.

Achieved MFA? PAM? Service account protection? Find out how well-equipped your organization truly is against identity threats.

Also patched by the software maker are two cross-site scripting flaws each in Adobe Connect and Adobe Experience Manager that could lead to arbitrary code execution.

News URL

https://thehackernews.com/2023/09/update-adobe-acrobat-and-reader-to.html

#acrobat #adobe #adobeacrobat #patch #vulnerability #CVE-2023-26369

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-13	CVE-2023-26369	Out-of-bounds Write vulnerability in Adobe products Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. local low complexity adobe CWE-787	7.8

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Adobe		164	60	1919	820	2135	4934

News URL

Related news

Related Vulnerability

Related vendor