CVE-2024-30278

Name of the Vulnerable Software and Affected Versions Adobe Media Encoder versions 23.6.5, 24.3 and earlier

Description The issue is related to an out-of-bounds read vulnerability in the Adobe Media Encoder application, which could allow an attacker to disclose sensitive memory information. This vulnerability can be leveraged to bypass certain security mitigations, such as Address Space Layout Randomization (ASLR). Exploitation of this issue requires user interaction, specifically opening a malicious file.

Recommendations For Adobe Media Encoder versions 23.6.5 and earlier, update to a version that is not affected by this issue. For Adobe Media Encoder version 24.3 and earlier, update to a version that is not affected by this issue. As a temporary workaround, consider avoiding the use of potentially malicious files with Adobe Media Encoder until a patch is available.