Vulnerabilities

Critical Code Execution Flaws With Adobe Acrobat and Reader – Update Now!!

Adobe has released updates that fix twenty-six vulnerabilities in the Adobe Acrobat, Reader, and Lightroom products.

Out of 26 flaws, 11 are rated as critical, they could be exploited by hackers to run the arbitrary code remotely or to bypass security features on the vulnerable installations.

Adobe Acrobat and Reader | APSB20-48

Adobe released security updates for Adobe Acrobat and Reader for Windows and macOS, the updates cover critical and important vulnerabilities. Successful exploitation allows attackers to execute remote code in the context of the current user.

List of Vulnerabilities

Vulnerability Category Vulnerability Impact Severity CVE Number
Disclosure of Sensitive Data Memory Leak Important    CVE-2020-9697
Security bypass  Privilege Escalation  Important CVE-2020-9714
Out-of-bounds write Arbitrary Code Execution          Critical  CVE-2020-9693CVE-2020-9694
Security bypass Security feature bypass Critical  CVE-2020-9696CVE-2020-9712
Stack exhaustion Application denial-of-service Important  CVE-2020-9702CVE-2020-9703
Out-of-bounds read Information disclosure Important  CVE-2020-9723CVE-2020-9705CVE-2020-9706CVE-2020-9707CVE-2020-9710CVE-2020-9716CVE-2020-9717CVE-2020-9718CVE-2020-9719CVE-2020-9720CVE-2020-9721
Buffer error Arbitrary Code Execution          Critical  CVE-2020-9698CVE-2020-9699CVE-2020-9700CVE-2020-9701CVE-2020-9704
Use-after-free    Arbitrary Code Execution          Critical  CVE-2020-9715CVE-2020-9722

Fixed versions

Product Track Updated Versions Platform Priority Rating Availability
Acrobat DC Continuous 2020.012.20041 Windows and macOS 2 Windows    macOS  
Acrobat Reader DC Continuous 2020.012.20041 Windows and macOS 2 Windows
macOS
           
Acrobat 2020 Classic 2020            2020.001.30005 Windows and macOS      2 Windows    macOS  
Acrobat Reader 2020 Classic 2020            2020.001.30005 Windows and macOS      2 Windows
macOS
           
Acrobat 2017 Classic 2017 2017.011.30175 Windows and macOS 2 WindowsmacOS
Acrobat Reader 2017 Classic 2017 2017.011.30175 Windows and macOS 2 WindowsmacOS
           
Acrobat 2015 Classic 2015 2015.006.30527 Windows and macOS 2 WindowsmacOS
Acrobat Reader 2015 Classic 2015 2015.006.30527 Windows and macOS 2 WindowsmacOS

Adobe Lightroom | APSB20-51

Adobe Lightroom Classic for Windows and macOS covers important security updates, successful exploitation of the vulnerability allows attackers to escalate privilege.

List of Vulnerabilities

Vulnerability Category Vulnerability Impact Severity CVE Numbers
Insecure Library Loading Privilege escalation Important CVE-2020-9724

Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin.

Related Read

Adobe Released Security Updates for 87 Vulnerabilities with Media Encoder, Flash, Adobe Acrobat and Reader

To Top

Pin It on Pinterest

Share This