Adobe Acrobat Reader has a serious security flaw, so update now

A high-severity flaw allowing for remote code execution was found.

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Some versions ofAdobe’s Acrobat ReaderPDF editorare vulnerable to a high-severity flaw that threat actors are using to execute malicious code on target endpoints remotely.

The alarm was sounded by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), which urged users to apply the patch and protect their premises immediately.

The flaw, discovered by HackSys researchers Ashfaq Ansari and Krishnakant Patil, is described as a use-after-free bug and is being tracked as CVE-2023-21608. It carries a severity score of 7.8 (High) and can be abused by having the victim run a malicious file on the target endpoint.

Abuse in the wild

The flaw affects multiple products and versions, including Acrobat DC - 22.003.20282 (Windows), 22.003.20281 (Mac), and earlier versions (addressed in 22.003.20310); Acrobat Reader DC - 22.003.20282 (Windows), 22.003.20281 (Mac), and earlier versions (addressed in 22.003.20310), Acrobat 2020 - 20.005.30418 and earlier versions (addressed in 20.005.30436); and Acrobat Reader 2020 - 20.005.30418 and earlier versions (addressed in 20.005.30436).

CISA said that the flaw is being “actively exploited” without elaborating further, meaning besides knowing hackers are abusing the flaw, we don’t know which groups are abusing it, or against which entities - or even how many organizations are affected.

This is the second vulnerabilitydiscovered in Adobe Acrobat and Readerthis year, with evidence of abuse in the wild. A month ago, news broke of CVE-2023-26369, a vulnerability whose “successful exploitation could lead to arbitrary code execution.”

To run the malware, the victim was required to open a specially crafted PDF document. Federal Civilian Executive Branch (FCEB) agencies should apply the available patches by the end of October this year.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

ViaThe Hacker News

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

A critical Palo Alto Networks bug is being hit by cyberattacks, so patch now

3 reasons why PIA fell in our best VPN rankings

Cybersecurity is business survival and CISOs need to act now