CVE-2024-47422

Name of the Vulnerable Software and Affected Versions Adobe Framemaker versions 2020.6, 2022.4 and earlier

Description The issue is related to an Untrusted Search Path vulnerability that could lead to arbitrary code execution. An attacker could exploit this vulnerability by inserting a malicious path into the search directories, which the application could unknowingly execute. This could allow the attacker to execute arbitrary code in the context of the current user. Exploitation of this issue requires user interaction.

Recommendations For Adobe Framemaker versions 2020.6, 2022.4 and earlier, consider updating to a version that is not affected by this vulnerability. As a temporary workaround, restrict access to the search directories to minimize the risk of exploitation. Avoid using untrusted search paths in the application until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.