Generic filters
Exact matches only
Search in title
Search in content
Filter by Custom Post Type
Posts
Filter by Categories







[CVSS 7+] Exploited Adobe Acrobat Flaw: Again

Summary of Adobe Advisory

Adobe’s September 2023 Patch Tuesday update includes a critical security patch for Adobe Acrobat and Reader. The patch fixes an actively exploited vulnerability that could permit an attacker to execute malicious code on susceptible systems.

CVE-2023-26369

The vulnerability, tracked as CVE-2023-26369, is rated 7.8 (high) for severity on the CVSS scoring system and impacts both Windows and macOS versions of Acrobat DC, Acrobat Reader DC, Acrobat 2020, and Acrobat Reader 2020.

Successful exploitation of the bug could lead to code execution by opening a specially crafted PDF document.

Adobe acknowledged that CVE-2023-26369 has been exploited in the wild in limited attacks targeting Adobe Acrobat and Reader.

Other Flaws

Also patched by the software maker are two cross-site scripting flaws each in Adobe Connect (CVE-2023-29305 and CVE-2023-29306) and Adobe Experience Manager (CVE-2023-38214 and CVE-2023-38215) that could lead to arbitrary code execution.

⚠️ Adobe strongly recommends users update their software installations to the latest versions.

RECENT BLOG POSTS

PODCASTS

Cubic Lighthouse is a cybersecurity publication dedicated to demystifying security, making news actionable, providing deeper thinking about the fundamentals of security, and providing decision-makers and the community at large with the right information to make the right decisions. We will also feature more technical articles and provide personal/family security advice.

©2024 Cubic Consulting, a Smart Security Company for your Business – All Rights Reserved.

-
00:00
00:00
Update Required Flash plugin
-
00:00
00:00