CVE-2023-26369

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions prior to 23.006.20320 Adobe Acrobat Reader versions prior to 23.006.20320 Adobe Acrobat 2020 versions prior to 20.005.30524 Adobe Acrobat Reader 2020 versions prior to 20.005.30524

Description The issue is related to an out-of-bounds write vulnerability in Adobe Acrobat and Reader, which can allow an attacker to execute arbitrary code. This vulnerability has been exploited in limited attacks targeting Adobe Acrobat and Reader. The exploitation of this issue requires user interaction, where a victim must open a malicious file. The estimated number of potentially affected devices worldwide is not specified.

Recommendations For Adobe Acrobat versions prior to 23.006.20320, update to version 23.006.20320 or later. For Adobe Acrobat Reader versions prior to 23.006.20320, update to version 23.006.20320 or later. For Adobe Acrobat 2020 versions prior to 20.005.30524, update to version 20.005.30524 or later. For Adobe Acrobat Reader 2020 versions prior to 20.005.30524, update to version 20.005.30524 or later. As a temporary workaround, consider avoiding the use of vulnerable functions or modules in Adobe Acrobat and Reader until a patch is available. Restrict access to malicious files to minimize the risk of exploitation.