CVE-2024-20770

Summary

CVE-2024-20770 is a newly disclosed vulnerability affecting Adobe Photoshop Desktop versions 24.7.2 and 25.3.1, and possibly older releases. This issue represents an out-of-bounds read vulnerability, meaning that memory beyond designated boundaries can be accessed. The consequence of this vulnerability is the potential disclosure of sensitive information from the affected system's memory. A malicious file is required for exploitation, so user interaction is necessary for an attacker to successfully leverage this vulnerability. Additionally, this issue can potentially bypass Address Space Layout Randomization (ASLR) mitigations, enhancing the attacker's ability to execute code on the target system.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.