1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability

Known Exploited Vulnerabilities CVE-2023-26369 Mappings

Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2023-26369 Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability primary_impact T1203 Exploitation for Client Execution
Comments
This vulnerability is exploited through a user opening a malicious PDF file.
References
  1. https://www.rapid7.com/db/vulnerabilities/adobe-acrobat-cve-2023-26369/
  2. https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2023/CVE-2023-26369.html
CVE-2023-26369 Adobe Acrobat and Reader Out-of-Bounds Write Vulnerability exploitation_technique T1204.002 Malicious File
Comments
This vulnerability is exploited through a user opening a malicious PDF file.
References
  1. https://www.rapid7.com/db/vulnerabilities/adobe-acrobat-cve-2023-26369/
  2. https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2023/CVE-2023-26369.html