CVE-2023-48635
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2023-48635 is a newly disclosed vulnerability affecting Adobe After Effects versions 24.0.3 and earlier, as well as 23.6.0 and earlier. This issue represents an out-of-bounds read vulnerability, which means an attacker could potentially access sensitive memory content. The exploitation of this flaw enables bypassing of Address Space Layout Randomization (ASLR), thereby increasing the attacker's chances of successfully executing code injection. User interaction is required for this vulnerability to be exploited, as the victim must open a specially crafted file.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Adobe After Effects
Affected Vendors
- Adobe