CVE-2024-20791

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published May 16, 2024

CWE ID 125

Summary

CVE-2024-20791 is a newly disclosed vulnerability affecting Adobe Illustrator versions 28.4 and 27.9.3, and possibly older releases. The flaw involves an out-of-bounds read vulnerability during file parsing, allowing an attacker to read data beyond the allocated memory limit. If successfully exploited, this issue could result in code execution with the privileges of the current user. However, exploitation requires a user to open a specially crafted file.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Illustrator

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/v7istM
https://www.cve.org/CVERecord?id=CVE-2024-20791
https://nvd.nist.gov/vuln/detail/CVE-2024-20791

Back to Vulnerability Database