CVE-2023-38224
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2023-38224 is a Use After Free vulnerability affecting Adobe Acrobat Reader versions 23.003.20244 and earlier, as well as 20.005.30467 and earlier. This issue can lead to arbitrary code execution, giving attackers the ability to run malicious code on the affected system. The vulnerability is triggered when the software fails to properly manage memory, resulting in a pointer being used after it has been freed. To exploit this issue, a user must open a specially crafted file, making it essential that users update their Adobe Acrobat Reader software to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Adobe Acrobat DC
- Adobe Acrobat Reader
- Adobe Acrobat
- Adobe Acrobat Reader DC
Affected Vendors
- Adobe