Home / About / Threat Intelligence / Patches for Adobe Products

Overview

Adobe has released patches for code execution vulnerabilities in Acrobat PDF reader, Acrobat for Android and some of their other products.

Adobe Connect (web conferencing software) and Campaign (a marketing solution) have cross-site scripting vulnerabilities (XSS) leading to code execution.

Commerce (an online selling platform) has a pre-auth (exploitable without credentials) Cross-Site Request Forgery (CSRF).

Impact

An attacker may be able to craft a file to exploit Adobe Reader and grant code execution on the device used to view it.

This would require the victim to open the malicious file eg. via phishing.

Affected Products

  • Adobe Acrobat 21.007.20095, 20.004.30015,17.011.30202 and below
  • Adobe Connect 11.2.2 and below
  • Adobe Acrobat Reader for Android 21.8.0 and below
  • Adobe ops-cli 2.04 and below
  • Adobe Commerce 2.3.7-p1, 2.4.2-p2, 2.4.3 and below
  • Adobe Campaign Standard Release 21.2.1 and below

Containment, Mitigations & Remediations

Update the software.

Indicators of Compromise

None listed. No known exploitation was sighted in the wild.

Threat Landscape

A PDF reader exploit is a useful aid to phishing attacks as it can allow the attacker code execution.

This can be much more effective than phishing without an exploit, which depends on tricking a user into entering a password.

Mitre Methodologies

T1566.001 – Spearphishing Attachment

Further Information

Security Bulletins and Advisories