- 07/2023
- High
Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities.
The severity of the addressed vulnerabilities could allow the remote attacker to execute arbitrary code or cause a denial of service on the affected system.
Sample of the addressed vulnerabilities:
1. Adobe Acrobat and Adobe Reader Code Execution (CVE-2023-21609):
• CVSS: 7.8
• Attack Vector: Local
• Attack Complexity: Low
• Privileges Required: None
• User Interaction: Required
• Consequences: Gain Access
2. Adobe Acrobat and Adobe Reader Buffer Overflow (CVE-2023-21610):
• CVSS: 7.8
• Attack Vector: Network
• Attack Complexity: Low
• Privileges Required: None
• User Interaction: Required
• Consequences: Gain Access
Vulnerabilities
- CVE-2023-21579
- CVE-2023-21581
- CVE-2023-21585
- CVE-2023-21586
- CVE-2023-21604
- CVE-2023-21605
- CVE-2023-21606
- CVE-2023-21607
- CVE-2023-21608
- CVE-2023-21609
- CVE-2023-21610
- CVE-2023-21611
- CVE-2023-21612
- CVE-2023-21613
- CVE-2023-21614
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.