Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Active Exploitation of High Severity Vulnerability in Adobe Acrobat Products
Alerts

Active Exploitation of High Severity Vulnerability in Adobe Acrobat Products

13 October 2023

Adobe has released security updates to address a high severity vulnerability, known as a use-after-free vulnerability (CVE-2023-21608). The vulnerability is reportedly being actively exploited.

Successful exploitation of the vulnerability could result in remote code execution (RCE) with the privileges of the current user.

The following products are affected by the vulnerability:

  • Acrobat DC - 22.003.20282 (Win), 22.003.20281 (Mac) and earlier versions (fixed in 22.003.20310)

  • Acrobat Reader DC - 22.003.20282 (Win), 22.003.20281 (Mac) and earlier versions (fixed in 22.003.20310)

  • Acrobat 2020 - 20.005.30418 and earlier versions (fixed in 20.005.30436)

  • Acrobat Reader 2020 - 20.005.30418 and earlier versions (fixed in 20.005.30436)

Users of affected product versions are advised to update their software installations to the latest versions immediately by choosing Help > Check for Updates.

More information is available here:
https://helpx.adobe.com/security/products/acrobat/apsb23-01.html
https://www.securityweek.com/cisa-warns-of-attacks-exploiting-adobe-acrobat-vulnerability/amp/
https://nvd.nist.gov/vuln/detail/CVE-2023-21608
https://thehackernews.com/2023/10/us-cybersecurity-agency-warns-of.html

Back to top