Adobe Monthly Security Update (September 2023)
Release Date: 13 Sep 2023
RISK: Extremely High Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe Connect |  Medium Risk | Cross-site Scripting Remote Code Execution | APSB23-33 | |
| Adobe Acrobat and Reader |  Extremely High Risk | Remote Code Execution | Exploit in the wild CVE-2023-26369 | APSB23-34 |
| Adobe Experience Manager | Medium Risk | Cross-site Scripting Remote Code Execution | APSB23-43 |
Number of 'Extremely High Risk' product(s): 1
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 2
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Extremely High Risk
Impact
- Remote Code Execution
- Cross-Site Scripting
System / Technologies affected
- Adobe Connect 12.3 and earlier versions
- Acrobat DC 23.003.20284 and earlier versions
- Acrobat Reader DC 23.003.20284 and earlier versions
- Acrobat 2020 20.005.30516 (Mac) 20.005.30514 (Win) and earlier versions
- Acrobat Reader 2020 20.005.30516 (Mac) 20.005.30514 (Win) and earlier versions
- Adobe Experience Manager (AEM) AEM Cloud Service (CS)
- Adobe Experience Manager (AEM) 6.5.17.0 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update
沒有留言:
發佈留言