CVE-2024-20737

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Apr 10, 2024

CWE ID 125

Summary

CVE-2024-20737 is a newly disclosed vulnerability affecting Adobe After Effects versions 24.1 and earlier, as well as 23.6.2. This issue represents an out-of-bounds read vulnerability, allowing an attacker to access sensitive memory content beyond authorized boundaries. By exploiting this weakness, a malicious actor could bypass important security mitigations like Address Space Layout Randomization (ASLR), potentially gaining deeper access to targeted systems. It is essential to note that exploitation of this vulnerability necessitates user interaction, meaning a victim must open a specially crafted file for the attack to occur.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vSsxhi
https://www.cve.org/CVERecord?id=CVE-2024-20737
https://nvd.nist.gov/vuln/detail/CVE-2024-20737

Back to Vulnerability Database

CVE-2024-20737

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations