CVE-2020-9695 – Adobe Acrobat Reader

CVSS 7.8 IMPORTANT High with EoP or RCE – Expedited Deployment

“Opening the wrong document should never open the door to an attacker.”

This security update addresses CVE-2020-9695, a high-severity out-of-bounds write vulnerability affecting Adobe Acrobat Reader. A specially crafted PDF file can trigger memory corruption, allowing arbitrary code execution in the context of the current user. Exploitation requires the user to open a malicious file. The CVSS score is 7.8, which is High severity.

The update corrects the memory handling issue that causes the out-of-bounds write, preventing attackers from executing arbitrary code through malicious PDF documents. There is no verified evidence of active real-world exploitation or a public proof-of-concept for this vulnerability.

Key Details

Affected Product
Adobe Acrobat Dc
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
CWE Classification
CWE-787
Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.