Adobe Acrobat Remote Code Execution Vulnerability
RISK: High Risk
TYPE: Clients - Productivity Products
A vulnerability was identified in Adobe Acrobat. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.
Note:
CVE-2026-34621 is being exploited in the wild. It was affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Hence, the risk level is rated as High Risk.
Impact
- Remote Code Execution
System / Technologies affected
- Acrobat DC: version 26.001.21367 and earlier
Acrobat Reader DC: version 26.001.21367 and earlier
Acrobat 2024: version 24.001.30356 and earlier
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
Update to:
Acrobat DC: version 26.001.21411 or later
Acrobat Reader DC: version 26.001.21411 or later
Acrobat 2024 (for macOS): version 24.001.30360 or later
Acrobat 2024 (for Windows): version 24.001.30362 or later
沒有留言:
發佈留言