CVE-2024-20737

Name of the Vulnerable Software and Affected Versions After Effects versions 24.1, 23.6.2 and earlier

Description The issue is related to an out-of-bounds read vulnerability in the memory, which could allow an attacker to gain unauthorized access to protected information and bypass the ASLR protection mechanism. Exploitation of this issue requires user interaction, where a victim must open a malicious file, potentially leading to the disclosure of sensitive memory.

Recommendations For versions 24.1, 23.6.2 and earlier, update to a version that fixes the out-of-bounds read vulnerability to prevent potential exploitation. As a temporary workaround, consider avoiding the use of potentially malicious files until a patch is available. Restrict access to sensitive information and ensure that only authorized users can open files in After Effects to minimize the risk of exploitation.