PT-2024-3543 · Adobe · Acrobat Reader+1

Published: 2024-05-14
Updated: 2024-12-02

CVE-2024-34097

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Adobe Acrobat versions prior to 2020
Adobe Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier
Adobe Acrobat 2020
Acrobat Reader 2020

Description

The issue is related to a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction, where a victim must open a malicious file. This vulnerability is associated with the use of memory after it has been freed.

Recommendations

For Adobe Acrobat versions prior to 2020, update to a newer version to mitigate the risk.
For Adobe Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier, update to a newer version to mitigate the risk.
For Adobe Acrobat 2020, update to a newer version to mitigate the risk.
For Acrobat Reader 2020, update to a newer version to mitigate the risk.
As a temporary workaround, consider avoiding the use of the vulnerable Annotation feature in Adobe Acrobat Reader DC until a patch is available.

Fix

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2024-03845
CVE-2024-34097
ZDI-24-478

Affected Products

Acrobat Reader
Acrobat