CVE-2022-34225

Name of the Vulnerable Software and Affected Versions Adobe Acrobat Reader versions 22.001.20142 and earlier Adobe Acrobat Reader versions 20.005.30334 and earlier Adobe Acrobat Reader versions 17.012.30229 and earlier Adobe Acrobat versions (affected versions not specified)

Description The issue is related to a use-after-free vulnerability that could allow an attacker to execute arbitrary code in the context of the current user. Exploitation requires user interaction, where a victim must open a malicious file. This vulnerability affects programs for viewing PDF files, including Adobe Reader Document Cloud and Adobe Reader, as well as programs for editing PDF files, including Adobe Acrobat Document Cloud and Adobe Acrobat.

Recommendations For Adobe Acrobat Reader versions 22.001.20142 and earlier, update to a version that fixes the use-after-free vulnerability to prevent arbitrary code execution. For Adobe Acrobat Reader versions 20.005.30334 and earlier, update to a version that fixes the use-after-free vulnerability to prevent arbitrary code execution. For Adobe Acrobat Reader versions 17.012.30229 and earlier, update to a version that fixes the use-after-free vulnerability to prevent arbitrary code execution. For Adobe Acrobat, at the moment, there is no information about a newer version that contains a fix for this vulnerability.