CVE-2023-48635

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 13, 2023
Updated: Dec 16, 2023
CWE ID 125

Summary

CVE-2023-48635 is a newly disclosed vulnerability affecting Adobe After Effects versions 24.0.3 and earlier, as well as 23.6.0 and earlier. This issue represents an out-of-bounds read vulnerability, which means an attacker could potentially access sensitive memory content. The exploitation of this flaw enables bypassing of Address Space Layout Randomization (ASLR), thereby increasing the attacker's chances of successfully executing code injection. User interaction is required for this vulnerability to be exploited, as the victim must open a specially crafted file.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share