Adobe has released patches for code execution vulnerabilities in Acrobat PDF reader, Acrobat for Android and some of their other products.
Adobe Connect (web conferencing software) and Campaign (a marketing solution) have cross-site scripting (XSS) vulnerabilities leading to code execution.
Commerce (an online selling platform) has a pre-auth (exploitable without credentials) Cross-Site Request Forgery (CSRF).
An attacker may be able to craft a file that exploits Adobe Reader and gains code execution on the device used to view it.
This would require the victim to open the malicious file, e.g. via phishing.
- Adobe Acrobat 21.007.20095, 20.004.30015, 17.011.30202 and below
- Adobe Connect 11.2.2 and below
- Adobe Acrobat Reader for Android 21.8.0 and below
- Adobe ops-cli 2.04 and below
- Adobe Commerce 2.3.7-p1, 2.4.2-p2, 2.4.3 and below
- Adobe Campaign Standard Release 21.2.1 and below
Containment, Mitigations & Remediations
Update the software.
Indicators of Compromise
None listed. No known exploitation has been sighted in the wild.
A PDF reader exploit is a useful aid to phishing attacks as it can allow the attacker code execution.
This can be much more effective than phishing without an exploit, which depends on tricking a user into entering a password.
T1566.001 – Spearphishing Attachment