CVE-2023-38227

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 10, 2023

Updated: Aug 15, 2023

CWE ID 416

Summary

CVE-2023-38227 is a Use After Free vulnerability affecting Adobe Acrobat Reader versions 23.003.20244 and earlier, as well as 20.005.30467 and earlier. This issue puts arbitrary code execution at risk, allowing attackers to exploit the vulnerability if a user opens a maliciously crafted PDF file. The vulnerability occurs due to a memory management error in the Adobe Acrobat Reader software. Successful exploitation of this vulnerability requires user interaction.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Acrobat DC
Adobe Acrobat Reader
Adobe Acrobat
Adobe Acrobat Reader DC

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r-yup9
https://www.cve.org/CVERecord?id=CVE-2023-38227
https://nvd.nist.gov/vuln/detail/CVE-2023-38227

Back to Vulnerability Database