CVE-2023-25859

Name of the Vulnerable Software and Affected Versions Adobe Illustrator versions 26.5.2 and earlier Adobe Illustrator versions 27.2.0 and earlier

Description The issue exists due to insufficient input validation in the graphic editor. Exploitation of this issue could allow an attacker to execute arbitrary code by using a specially crafted file. This requires user interaction, where a victim must open a malicious file. The estimated number of potentially affected devices worldwide is not provided. There is no information about real-world incidents where this issue was exploited.

Recommendations For Adobe Illustrator versions 26.5.2 and earlier, update to a version later than 26.5.2 to resolve the issue. For Adobe Illustrator versions 27.2.0 and earlier, update to a version later than 27.2.0 to resolve the issue. As a temporary workaround, consider avoiding the use of untrusted or unknown files in Adobe Illustrator until a patch is available.