CVSS 3.1 Score 5.5 of 10 (medium)


Published Apr 10, 2024
CWE ID 125


CVE-2024-20770 is an out-of-bounds read vulnerability affecting Adobe Photoshop Desktop versions 24.7.2, 25.3.1, and earlier. This vulnerability could potentially lead to the disclosure of sensitive memory. Exploitation of this vulnerability requires user interaction, where a victim must open a malicious file. By leveraging this vulnerability, an attacker could bypass mitigations such as ASLR (Address Space Layout Randomization). The base severity of this vulnerability is rated as MEDIUM, with a CVSS score of 5.5. The confidentiality impact is rated as HIGH, while the integrity impact is NONE, and the availability impact is NONE. Adobe has not provided any specific information on how to remediate this vulnerability at this time.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-20770 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options