PT-2020-6016 · Adobe · Acrobat+1

Published

2020-02-11

Updated

2021-09-08

CVE-2020-3762

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe Acrobat versions prior to 2019.021.20061 Adobe Reader versions prior to 2019.021.20061 Adobe Acrobat versions prior to 2017.011.30156 Adobe Reader versions prior to 2017.011.30156 Adobe Acrobat versions prior to 2015.006.30508 Adobe Reader versions prior to 2015.006.30508

Description The issue is caused by privilege management errors in Adobe Reader and Acrobat. It allows a remote attacker to write arbitrary files to the device's file system. Successful exploitation could lead to arbitrary file system write.

Recommendations For Adobe Acrobat and Reader versions prior to 2019.021.20061, update to a version later than 2019.021.20061. For Adobe Acrobat and Reader versions prior to 2017.011.30156, update to a version later than 2017.011.30156. For Adobe Acrobat and Reader versions prior to 2015.006.30508, update to a version later than 2015.006.30508.

Fix

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

BDU:2021-02604

CVE-2020-3762

Affected Products

Acrobat

Reader

PT-2020-6016 · Adobe · Acrobat+1

CVE-2020-3762

Weakness Enumeration

Related Identifiers

Affected Products

References · 5