- 333/2024
- High
Adobe has released security updates to fix several vulnerabilities across Adobe Acrobat and Reader, Adobe Experience Manager (AEM), and Adobe Illustrator.
The addressed vulnerabilities could allow the attacker to bypass security restrictions, perform denial of service attacks, or execute arbitrary code and gain access to the affected products.
Sample of the addressed vulnerabilities:
1. Adobe Illustrator Code Execution Vulnerability (CVE-2024-49538):
- CVSS: 7.8
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Access
2. Adobe Experience Manager Code Execution Vulnerability (CVE-2024-43711):
- CVSS: 7.1
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: Low
- User Interaction: Required
- Consequences: Gain Access
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.