Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution

Post author:Cyber Security Advisories - MS-ISAC
Post published:May 14, 2024

Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.

Adobe Acrobat is a family of application software and Web services used to view, create, manipulate, print and manage Portable Document Format (PDF) files.
Adobe Substance3D Painter is a 3D painting software that allows users to texture and add materials directly to 3D meshes in real-time.
Adobe Substance3D Designer is a 3D design software that generates textures from procedural patterns inside node-based graphs.
Adobe Aero is a cross platform solution that enables creatives with no coding and mininmal 3D experience to design, share, and view interactive augmented reality experiences.
Adobe FrameMaker lets you create structured or template-based documents, review and collaborate with multiple content management systems and publish to a multitude of devices.
Adobe Dreamweaver is a proprietary web development tool.
Adobe Illustrator is a vector graphics editor and design software.
Adobe Animate is used to create vector graphics and interactive content.

Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights

Share my story Share this content

You Might Also Like

ICSJWG Spring 2022 Virtual Meeting

Multiple Vulnerabilities in Adobe ColdFusion Could Allow for Arbitrary Code Execution

Share this content