CVE-2023-21608
| CVE Published | 2023-01-18 |
|---|---|
| Related CWE(s) | CWE-416: Use After Free |
| Related Vendor(s) | adobe |
| Related Product(s) | acrobat_reader_dc, acrobat, acrobat_dc, acrobat_reader |
| Exploitation Reported (CISA KEV) | 2023-10-10 |
| CVSS 3 Base Score | 7.8 (HIGH) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | LOCAL |
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph