CVE-2020-9695 – Adobe Acrobat Reader
CVSS 7.8
IMPORTANT
High with EoP or RCE – Expedited Deployment
“Opening the wrong document should never open the door to an attacker.”
This security update addresses CVE-2020-9695, a high-severity out-of-bounds write vulnerability affecting Adobe Acrobat Reader. A specially crafted PDF file can trigger memory corruption, allowing arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. The CVSS score is 7.8, which is High severity.
The update corrects the memory handling issue that causes the out-of-bounds write, preventing attackers from executing arbitrary code through malicious PDF documents. There is no verified evidence of active real-world exploitation or a public proof-of-concept for this vulnerability.
Key Details
- Affected Product
- Adobe Acrobat Dc
- Attack Vector
- Local
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- Required
- CWE Classification
- CWE-787
Patch this CVE on all your endpoints in under 5 minutes.
First 200 endpoints are free forever, scale as needed.