CVE-2020-24441
5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
Adobe Acrobat Reader for Android version 20.6.2 (and earlier) does not properly restrict access to directories created by the application. This could result in disclosure of sensitive information stored in databases used by the application. Exploitation requires a victim to download and run a malicious application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Adobe | Acrobat Reader | unspecified <= 20.6.2 | affected |
| Adobe | Acrobat Reader | unspecified <= None | affected |
Weaknesses
- CWE-284: Improper Access Control (CWE-284)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.