CVE-2023-29320

Name of the Vulnerable Software and Affected Versions Adobe Acrobat Reader versions 23.003.20244 and earlier Adobe Acrobat Reader versions 20.005.30467 and earlier

Description The issue is related to a Violation of Secure Design Principles vulnerability that could result in arbitrary code execution in the context of the current user by bypassing the API blacklisting feature. Exploitation of this issue requires user interaction, where a victim must open a malicious file. This vulnerability is also associated with improper access control, allowing attackers to bypass protection mechanisms.

Recommendations For Adobe Acrobat Reader versions 23.003.20244 and earlier, update to a version that addresses the Violation of Secure Design Principles vulnerability. For Adobe Acrobat Reader versions 20.005.30467 and earlier, update to a version that addresses the Violation of Secure Design Principles vulnerability. As a temporary workaround, consider restricting access to the API blacklisting feature until a patch is available. Avoid opening malicious files to minimize the risk of exploitation.