CVE-2024-39422

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 14, 2024

Updated: Aug 15, 2024

CWE ID 416

Summary

CVE-2024-39422 is a Use After Free vulnerability that impacts Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, and 24.001.30123, and possibly earlier editions. Maliciously crafted files can cause this issue, leading to arbitrary code execution in the context of the current user. Exploitation necessitates user interaction, meaning a victim must open the malicious file for the vulnerability to be triggered.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Adobe Acrobat DC
Adobe Acrobat
Adobe Acrobat Reader
Adobe Acrobat Reader DC

Affected Vendors

Adobe

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wovG5b
https://www.cve.org/CVERecord?id=CVE-2024-39422
https://nvd.nist.gov/vuln/detail/CVE-2024-39422

Back to Vulnerability Database