Vulnerabilities > CVE-2020-9570 - Out-of-bounds Write vulnerability in Adobe Illustrator

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
adobe
CWE-787
nessus
NVD
Published: 2020-06-26
Updated: 2021-07-21

Summary

Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .

Vulnerable Configurations

Part Description Count
Application
Adobe
22
OS
Microsoft
1

Common Weakness Enumeration (CWE)

Nessus

NASL familyWindows
NASL idADOBE_ILLUSTRATOR_APSB20-20.NASL
descriptionThe version of Adobe Illustrator CC on the remote Windows hosts is prior to 24.1.2. It is, therefore, affected multiple vulnerabilities which could lead to arbitrary code execution in the context of current user on the remote host. An unauthenticated, local attacker could exploit these issues to execute arbitrary commands on the host. Note that Nessus has not tested for this issue but has instead relied only on the application
last seen2020-05-06
modified2020-05-01
plugin id136190
published2020-05-01
reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/136190
titleAdobe Illustrator CC < 24.1.2 Multiple Vulnerabilites (APSB20-20)

References