7.8
CVSSv3

CVE-2023-21608

Published: 18/01/2023 Updated: 26/01/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

Adobe Acrobat Reader versions 22.003.20282 (and previous versions), 22.003.20281 (and previous versions) and 20.005.30418 (and previous versions) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Vulnerable Product

adobe acrobat_dc

adobe acrobat_reader_dc

adobe acrobat

adobe acrobat_reader

Github Repositories

Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit

CVE-2023-21608: This bug was a Use After Free caused during the resetForm operation while handling object memory references. Blog: Adobe Acrobat Reader - resetForm - CAgg UaF - RCE Exploit - CVE-2023-21608. Advisory: CVE-2023-21608. Demo.

Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit

CVE-2023-21608: Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit. Blog: medium.com/@Kushagra007/adobe-acrobat-reader-resetform-cagg-uaf-rce-exploit-cve-2023-21608-652624346c8f. Demo: DEMO.mp4