CVE-2024-47423

Name of the Vulnerable Software and Affected Versions Adobe Framemaker versions 2020.6, 2022.4 and earlier

Description The issue is related to an Unrestricted Upload of File with Dangerous Type, which could result in arbitrary code execution. An attacker could exploit this by uploading a malicious file that can be automatically processed or executed by the system. Exploitation requires user interaction.

Recommendations For Adobe Framemaker versions 2020.6, 2022.4 and earlier, consider disabling the file upload feature until a patch is available to prevent exploitation. Restrict access to the system to minimize the risk of arbitrary code execution. Avoid using the system for processing or executing files from untrusted sources until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.