Adobe has released six advisories addressing multiple vulnerabilities in Acrobat and Reader, Digital Editions, InCopy, Substance 3D Stager, Dimension, Substance 3D Designer products.
An attacker could exploit these vulnerabilities and potentially take over impacted systems.
Adobe has released six security bulletins for the following products that address security vulnerabilities (along with number of Critical flaws):
- APSB23-04: Digital Editions (1 Critical)
- APSB23-13: InCopy (1 Critical)
- APSB23-24: Acrobat and Reader (14 Critical)
- APSB23-26: Substance 3D Stager (10 Critical)
- APSB23-27: Dimension (14 Critical)
- APSB23-28: Substance 3D Designer (9 Critical).
Adobe warned successful exploitation of the Acrobat and Reader vulnerabilities could lead to arbitrary code execution, privilege escalation, security feature bypass and memory leak. The Critical vulnerabilities CVSS scores range from 7.8 to 8.6.
- Microsoft April 2023 Security Updates Fixes 97 Vulnerabilities (7 Critical, 1 zero-day)
- Apple patches 2 zero-day vulnerabilities in iOS 16.4.1 and macOS Ventura 13.3.1
- CISA Adds Veritas, Windows and Arm Mali GPU Vulnerabilities To Known Exploited Vulnerabilities Catalog
- Threat actors abuse Windows debugger tool to disguise PlugX trojan attacks