The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-21608, a high-severity vulnerability in Adobe Acrobat and Reader, to its Known Exploited Vulnerabilities (KEV) catalog [1] [2] [3] [4]. Successful exploitation lets an attacker execute arbitrary code with the privileges of the user who opens a malicious document; it is a client-side bug that needs user interaction, not a network-facing remote exploit.
Description
The vulnerability is a use-after-free bug. It affects Acrobat DC and Acrobat Reader DC at versions 22.003.20282 (Windows) and 22.003.20281 (macOS) and earlier, and Acrobat 2020 and Acrobat Reader 2020 at versions 20.005.30418 and earlier [1] [3] [4]. Adobe fixed it in its January 2023 security update [1]; the first patched builds are 22.003.20310 on the DC track and 20.005.30436 on the 2020 track. Who is exploiting the flaw and how has not been disclosed [1] [4], but a proof-of-concept exploit has been publicly available since late January 2023 [1], so the effort required to weaponize it is low. This is the second Adobe Acrobat and Reader vulnerability in 2023 to be confirmed as exploited in the wild.
Conclusion
Federal Civilian Executive Branch (FCEB) agencies must apply Adobe's patches by October 31, 2023 to secure their networks [1] [4]. Other organizations should treat the same date as a practical target: with exploitation confirmed and a public proof of concept available, an unpatched Acrobat or Reader install gives an attacker code execution on a workstation from a single opened document. The repeated in-the-wild exploitation of Acrobat and Reader bugs is a reminder that PDF readers deserve the same patch urgency as browsers.
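A practical way to act on the version ranges in the Description and the remediation guidance above is to check an inventory of installed Acrobat/Reader builds against the first patched build on each release track. The script below is an added example, not code from the cited articles or from Adobe; the patched build numbers it uses are the ones Adobe shipped in January 2023, and the sample inventory is constructed for illustration. The numeric comparison matters: Adobe's zero-padded middle component ("003", "005") compares correctly only as integers.

```python
"""Triage Adobe Acrobat / Reader build numbers against CVE-2023-21608.

Added example; not the cited articles' or Adobe's code. FIXED_BUILDS holds
the first patched build per release track from Adobe's January 2023 update.
"""
from typing import List, NamedTuple, Optional, Tuple

# First patched build per release track; anything older is affected.
# Assumption: values taken from Adobe's January 2023 bulletin (APSB23-01).
FIXED_BUILDS = {
    "DC": (22, 3, 20310),    # Acrobat DC / Acrobat Reader DC (continuous track)
    "2020": (20, 5, 30436),  # Acrobat 2020 / Acrobat Reader 2020 (classic track)
}


class Finding(NamedTuple):
    host: str
    product: str
    version: str
    status: str  # "vulnerable", "patched" or "unknown-track"


def parse_version(version: str) -> Tuple[int, int, int]:
    """'22.003.20282' -> (22, 3, 20282). Components are compared as integers,
    not strings, so the zero-padded middle field cannot mis-order builds."""
    parts = version.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected Acrobat version format: {version!r}")
    major, minor, build = (int(p) for p in parts)
    return (major, minor, build)


def release_track(parsed: Tuple[int, int, int]) -> Optional[str]:
    """Map the major number to Adobe's release track: 22.x and later is the
    continuous DC track, 20.x is the classic 2020 track. Anything else
    (e.g. 17.x, Acrobat 2017) is out of support and gets no verdict here."""
    major = parsed[0]
    if major >= 22:
        return "DC"
    if major == 20:
        return "2020"
    return None


def assess(version: str) -> str:
    """Return 'vulnerable' if the build predates the January 2023 fix on its
    track, 'patched' if it is at or above it, 'unknown-track' otherwise."""
    parsed = parse_version(version)
    track = release_track(parsed)
    if track is None:
        return "unknown-track"
    return "patched" if parsed >= FIXED_BUILDS[track] else "vulnerable"


def triage(inventory: List[Tuple[str, str, str]]) -> List[Finding]:
    """Assess every (host, product, version) record in an inventory."""
    return [Finding(host, product, ver, assess(ver)) for host, product, ver in inventory]


def vulnerable_hosts(inventory: List[Tuple[str, str, str]]) -> List[str]:
    """Hosts that still need the Adobe patch."""
    return [f.host for f in triage(inventory) if f.status == "vulnerable"]


# Constructed sample inventory (hostnames and products are made up).
SAMPLE_INVENTORY = [
    ("ws-001", "Acrobat Reader DC", "22.003.20282"),  # affected, Windows build
    ("ws-002", "Acrobat Reader DC", "22.003.20281"),  # affected, macOS build
    ("ws-003", "Acrobat Reader DC", "22.003.20310"),  # first patched DC build
    ("ws-004", "Acrobat DC", "23.001.20143"),         # later DC build, patched
    ("ws-005", "Acrobat 2020", "20.005.30418"),       # affected 2020-track build
    ("ws-006", "Acrobat Reader 2020", "20.005.30436"),  # first patched 2020 build
    ("ws-007", "Acrobat 2017", "17.012.30262"),       # out-of-support track
]

if __name__ == "__main__":
    for f in triage(SAMPLE_INVENTORY):
        print(f"{f.host:8} {f.product:20} {f.version:14} {f.status}")
    print("needs patch:", vulnerable_hosts(SAMPLE_INVENTORY))
```

The inventory itself would come from wherever you already collect software versions (an endpoint agent, `Get-ItemProperty` over the Uninstall registry keys on Windows, or `Info.plist` on macOS); the point of the function split is that `assess` can be dropped into that pipeline unchanged. An "unknown-track" result is not a clean bill of health: it flags a build Adobe no longer patches at all.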
References
[1] https://thehackernews.com/2023/10/us-cybersecurity-agency-warns-of.html
[2] https://www.linkedin.com/posts/wdevault_us-cybersecurity-agency-warns-of-actively-activity-7117853998577053697-1bG6
[3] https://www.darkreading.com/vulnerabilities-threats/adobe-acrobat-reader-vuln-under-attack
[4] http://bssn.esy.es/index.php/2023/10/11/u-s-cybersecurity-agency-warns-of-actively-exploited-adobe-acrobat-reader-vulnerability/