CVE-2022-28838

Name of the Vulnerable Software and Affected Versions Acrobat Pro DC versions 22.001.2011x and earlier Acrobat Pro DC versions 20.005.3033x and earlier Acrobat Pro DC versions 17.012.3022x and earlier

Description A use-after-free issue could result in arbitrary code execution in the context of the current user. This issue requires user interaction, where a victim must open a malicious file to exploit the vulnerability. The vulnerability allows attackers to execute arbitrary code.

Recommendations For versions 22.001.2011x and earlier, update to a version that fixes the use-after-free vulnerability. For versions 20.005.3033x and earlier, update to a version that fixes the use-after-free vulnerability. For versions 17.012.3022x and earlier, update to a version that fixes the use-after-free vulnerability. As a temporary workaround, consider avoiding the use of the flattenPages function in Adobe Acrobat Pro DC until a patch is available.