CVE-2024-20734

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Feb 15, 2024
Updated: Mar 1, 2024
CWE ID 416

Summary

The vulnerability with CVE ID CVE-2024-20734 affects Acrobat Reader versions 20.005.30539, 23.008.20470, and earlier. It is classified as a Use After Free vulnerability, falling under CWE-416, which could result in the disclosure of sensitive memory. The exploitation of this vulnerability requires user interaction through the opening of a malicious file. Affected products include Acrobat Reader and several others. The potential danger to organizations lies in the bypassing of mitigations like ASLR, posing a risk to confidentiality with a high impact level. The base severity of this vulnerability is rated as MEDIUM, with a base score of 5.5 out of 10 according to the CVSS:3.1 scoring system.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-20734 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options