CVE-2023-21586

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 19, 2024

CWE ID 476

Summary

CVE-2023-21586 is a NULL Pointer Dereference vulnerability affecting Adobe Acrobat Reader versions 22.003.20282 and earlier, 22.003.20281 and earlier, and 20.005.30418 and earlier. This issue allows an unauthenticated attacker to cause an application denial-of-service by manipulating a malicious file. User interaction is required for successful exploitation, meaning the victim must open the compromised file for the vulnerability to be triggered. These versions of Adobe Acrobat Reader are urged to be updated to mitigate the risk of this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Reader XI

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/phZdvg
https://www.cve.org/CVERecord?id=CVE-2023-21586
https://nvd.nist.gov/vuln/detail/CVE-2023-21586

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners