CVE-2023-21611

Summary

Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Creation of Temporary File in Directory with Incorrect Permissions vulnerability that could result in privilege escalation in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Affected Software

VendorProductVersion RangeStatus
AdobeAcrobat Readerunspecified <= 20.005.30418affected
AdobeAcrobat Readerunspecified <= 22.003.20282affected
AdobeAcrobat Readerunspecified <= 22.003.20281affected
AdobeAcrobat Readerunspecified <= Noneaffected

Weaknesses

  • CWE-379: Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References