Lucene search

K

[email protected]NVD:CVE-2023-21612

HistoryJan 18, 2023 - 7:15 p.m.

CVE-2023-21612

2023-01-1819:15:12

CWE-379

[email protected]

web.nvd.nist.gov

adobe

acrobat reader

privilege escalation

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

29.1%

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected configurations

NVD

Node

adobeacrobat_dcRange15.008.20082–22.003.20282continuous

OR

adobeacrobat_reader_dcRange15.008.20082–22.003.20282continuous

AND

microsoftwindowsMatch-

Node

adobeacrobat_dcRange15.008.20082–22.003.20281continuous

OR

adobeacrobat_reader_dcRange15.008.20082–22.003.20281continuous

AND

applemacosMatch-

Node

adobeacrobatRange20.001.30005–20.005.30418classic

OR

adobeacrobat_readerRange20.001.30005–20.005.30418classic

AND

applemacosMatch-

OR

microsoftwindowsMatch-

References

helpx.adobe.com/security/products/acrobat/apsb23-01.html

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

29.1%

Related for NVD:CVE-2023-21612

cve1 prion1 cvelist1 openvas8 kaspersky1 adobe1 nessus4