Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2023-21608 | Adobe Acrobat and Reader Use-After-Free Vulnerability | primary_impact | T1203 | Exploitation for Client Execution |
Comments
This vulnerability is exploited by having a user open a maliciously-crafted pdf file, which can result in arbitrary code execution.
References
|
| CVE-2023-21608 | Adobe Acrobat and Reader Use-After-Free Vulnerability | exploitation_technique | T1204.002 | Malicious File |
Comments
This vulnerability is exploited by having a user open a maliciously-crafted pdf file, which can result in arbitrary code execution.
References
|