CVE-2020-24441

Summary

Adobe Acrobat Reader for Android version 20.6.2 (and earlier) does not properly restrict access to directories created by the application. This could result in disclosure of sensitive information stored in databases used by the application. Exploitation requires a victim to download and run a malicious application.

Affected Software

VendorProductVersion RangeStatus
AdobeAcrobat Readerunspecified <= 20.6.2affected
AdobeAcrobat Readerunspecified <= Noneaffected

Weaknesses

  • CWE-284: Improper Access Control (CWE-284)

ADP Enrichment

CVE Program Container

Additional References

References