CVE-2023-21579

Summary

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected Software

VendorProductVersion RangeStatus
AdobeAcrobat Readerunspecified <= 20.005.30418affected
AdobeAcrobat Readerunspecified <= 22.003.20282affected
AdobeAcrobat Readerunspecified <= 22.003.20281affected
AdobeAcrobat Readerunspecified <= Noneaffected

Weaknesses

  • CWE-190: Integer Overflow or Wraparound (CWE-190)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References