20.6.2

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

adobe

NVD

Published: 2020-11-12

Updated: 2022-10-21

Summary

Adobe Acrobat Reader for Android version 20.6.2 (and earlier) does not properly restrict access to directories created by the application. This could result in disclosure of sensitive information stored in databases used by the application. Exploitation requires a victim to download and run a malicious application.

Vulnerable Configurations

Part	Description	Count
Application	Adobe Adobe Acrobat Reader 20.6.0 Adobe Acrobat Reader 20.6.2	2

References

https://helpx.adobe.com/security/products/reader-mobile/apsb20-71.html