CVE-2023-29320

ZDI-CAN-20712: Adobe Acrobat Blacklist Bypass Design flaw

CVSS 7.8 HIGH · EPSS 4.6% · CWE-657
In short

Adobe Acrobat Reader has a security bypass that allows attackers to run malicious code on your computer by getting you to open a specially crafted PDF file. The software's built-in safety restrictions can be circumvented to execute harmful commands.

Technical detail

A design flaw in Adobe Acrobat Reader (versions 23.003.20244 and earlier, 20.005.30467 and earlier) allows attackers to bypass API blacklist restrictions, enabling arbitrary code execution in the user's context. The attack vector requires social engineering to trick a user into opening a malicious PDF file; once opened, the blacklist bypass permits execution of otherwise restricted APIs.

Summary generated and translated by AI from the official description.
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Violation of Secure Design Principles vulnerability that could result in arbitrary code execution in the context of the current user by bypassing the API blacklisting feature. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Adobe · Acrobat Reader
