CVE-2024-34099

Name of the Vulnerable Software and Affected Versions: Adobe Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier

Description: The issue is related to an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction, where a victim must open a malicious file. This vulnerability is associated with deficiencies in access control in Adobe Acrobat and Adobe Acrobat Reader, allowing an attacker to execute arbitrary code using a specially crafted file.

Recommendations: For Adobe Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier, update to a version that contains a fix for this issue to prevent arbitrary code execution. As a temporary workaround, consider avoiding the use of Adobe Acrobat Reader to open files from untrusted sources until a patch is available. Restrict access to sensitive files and minimize the risk of exploitation by only opening files from trusted sources.