PT-2024-3544 · Adobe · Acrobat Document Cloud+3

Published 2024-05-14 · Updated 2024-12-02 · CVE-2024-30284

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Adobe Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier
Adobe Acrobat 2020
Adobe Acrobat Reader 2020
Adobe Acrobat Document Cloud
Adobe Acrobat Reader Document Cloud

Description

The issue is a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious file.

Recommendations

For Adobe Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier, update to a version that is not affected by this issue.

For Adobe Acrobat 2020, Adobe Acrobat Reader 2020, Adobe Acrobat Document Cloud, and Adobe Acrobat Reader Document Cloud, ensure that users are cautious when opening files from untrusted sources to minimize the risk of exploitation.

As a temporary workaround, consider restricting the use of the annotation feature in Adobe Acrobat Reader DC until a patch is available. Avoid opening malicious files to prevent arbitrary code execution.

Fix

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2024-03846
CVE-2024-30284
ZDI-24-479

Affected Products

Acrobat
Acrobat Document Cloud
Acrobat Reader
Adobe Acrobat Reader Document Cloud