CVE-2020-3780

Name of the Vulnerable Software and Affected Versions Adobe Photoshop CC 2019 versions 20.0.8 and earlier Adobe Photoshop 2020 versions 21.1 and earlier

Description The issue is related to a buffer error in the graphic editor, which could allow a remote attacker to execute arbitrary code on the target system by opening a malicious file. This can occur due to a buffer overflow, where an operation exceeds the memory buffer boundaries. The estimated number of potentially affected devices worldwide is not specified. There is no information provided about real-world incidents where this issue was exploited.

Recommendations For Adobe Photoshop CC 2019 versions 20.0.8 and earlier, update to a version later than 20.0.8 to resolve the issue. For Adobe Photoshop 2020 versions 21.1 and earlier, update to a version later than 21.1 to resolve the issue. As a temporary workaround, consider avoiding the use of potentially vulnerable functions related to the EPS BoundingBox Element until a patch is available.