Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2023.2108
APSB23-24 : Security update available for Adobe Acrobat and Reader
12 April 2023
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: Adobe Acrobat
Adobe Reader
Publisher: Adobe
Operating System: Windows
macOS
Resolution: Patch/Upgrade
CVE Names: CVE-2023-26425 CVE-2023-26424 CVE-2023-26423
CVE-2023-26422 CVE-2023-26421 CVE-2023-26420
CVE-2023-26419 CVE-2023-26418 CVE-2023-26417
CVE-2023-26408 CVE-2023-26407 CVE-2023-26406
CVE-2023-26405 CVE-2023-26397 CVE-2023-26396
CVE-2023-26395
Original Bulletin:
https://helpx.adobe.com/security/products/acrobat/apsb23-24.html
Comment: CVSS (Max): 8.6 CVE-2023-26408 (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H)
CVSS Source: Adobe
Calculator: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
- --------------------------BEGIN INCLUDED TEXT--------------------
Security update available for Adobe Acrobat and Reader | APSB23-24
Bulletin ID Date Published Priority
APSB23-24 April 11, 2023 3
Summary
Adobe has released security updates for Adobe Acrobat and Reader for Windows
and macOS. These updates address critical and important vulnerabilities.
Successful exploitation could lead to arbitrary code execution, privilege
escalation, security feature bypass and memory leak.
Affected Versions
Product Track Affected Versions Platform
Acrobat DC Continuous 23.001.20093 and earlier Windows &
versions macOS
Acrobat Reader DC Continuous 23.001.20093 and earlier Windows &
versions macOS
Acrobat 2020 Classic 2020 20.005.30441 and earlier Windows &
versions macOS
Acrobat Reader Classic 2020 20.005.30441 and earlier Windows &
2020 versions macOS
For questions regarding Acrobat DC, please visit the Acrobat DC FAQ page .
For questions regarding Acrobat Reader DC, please visit the Acrobat Reader DC
FAQ page .
Solution
Adobe recommends users update their software installations to the latest
versions by following the instructions below.
The latest product versions are available to end users via one of the following
methods:
o Users can update their product installations manually by choosing Help >
Check for Updates.
o The products will update automatically, without requiring user
intervention, when updates are detected.
o The full Acrobat Reader installer can be downloaded from the Acrobat Reader
Download Center .
For IT administrators (managed environments):
o Refer to the specific release note version for links to installers.
o Install updates via your preferred methodology, such as AIP-GPO,
bootstrapper, SCUP/SCCM (Windows), or on macOS, Apple Remote Desktop and
SSH.
Adobe categorizes these updates with the following priority ratings and
recommends users update their installation to the newest version:
Product Track Updated Platform Priority Availability
Versions Rating
Acrobat DC Continuous 23.001.20143 Windows and 3 Release
macOS Notes
Acrobat Reader Continuous 23.001.20143 Windows and 3 Release
DC macOS Notes
Acrobat 2020 Classic 20.005.30467 Windows and 3 Release
2020 macOS Notes
Acrobat Reader Classic 20.005.30467 Windows and 3 Release
2020 2020 macOS Notes
Vulnerability Details
Vulnerability Vulnerability Severity CVSS base CVSS vector CVE Number
Category Impact score
CVSS:3.1/
Out-of-bounds Arbitrary AV:L/AC:L/
Write ( code Critical 7.8 PR:N/UI:R/ CVE-2023-26395
CWE-787 ) execution S:U/C:H/I:H/
A:H
Violation of CVSS:3.1/
Secure Design Privilege AV:L/AC:H/
Principles ( escalation Important 6.6 PR:L/UI:R/ CVE-2023-26396
CWE-657 ) S:C/C:L/I:H/
A:L
CVSS:3.1/
Out-of-bounds AV:L/AC:L/
Read ( Memory leak Important 5.5 PR:N/UI:R/ CVE-2023-26397
CWE-125 ) S:U/C:H/I:N/
A:N
Improper CVSS:3.1/
Input Arbitrary AV:L/AC:L/
Validation ( code Critical 8.6 PR:N/UI:R/ CVE-2023-26405
CWE-20 ) execution S:C/C:H/I:H/
A:H
Improper CVSS:3.1/
Access Security AV:L/AC:L/
Control ( feature Critical 8.6 PR:N/UI:R/ CVE-2023-26406
CWE-284 ) bypass S:C/C:H/I:H/
A:H
Improper CVSS:3.1/
Input Arbitrary AV:L/AC:L/
Validation ( code Critical 8.6 PR:N/UI:R/ CVE-2023-26407
CWE-20 ) execution S:C/C:H/I:H/
A:H
Improper CVSS:3.1/
Access Security AV:L/AC:L/
Control ( feature Critical 8.6 PR:N/UI:R/ CVE-2023-26408
CWE-284 ) bypass S:C/C:H/I:H/
A:H
CVSS:3.1/
Use After Arbitrary AV:L/AC:L/
Free ( code Critical 7.8 PR:N/UI:R/ CVE-2023-26417
CWE-416 ) execution S:U/C:H/I:H/
A:H
CVSS:3.1/
Use After Arbitrary AV:L/AC:L/
Free ( code Critical 7.8 PR:N/UI:R/ CVE-2023-26418
CWE-416 ) execution S:U/C:H/I:H/
A:H
CVSS:3.1/
Use After Arbitrary AV:L/AC:L/
Free ( code Critical 7.8 PR:N/UI:R/ CVE-2023-26419
CWE-416 ) execution S:U/C:H/I:H/
A:H
CVSS:3.1/
Use After Arbitrary AV:L/AC:L/
Free ( code Critical 7.8 PR:N/UI:R/ CVE-2023-26420
CWE-416 ) execution S:U/C:H/I:H/
A:H
Integer CVSS:3.1/
Underflow Arbitrary AV:L/AC:L/
(Wrap or code Critical 7.8 PR:N/UI:R/ CVE-2023-26421
Wraparound) ( execution S:U/C:H/I:H/
CWE-191 ) A:H
CVSS:3.1/
Use After Arbitrary AV:L/AC:L/
Free ( code Critical 7.8 PR:N/UI:R/ CVE-2023-26422
CWE-416 ) execution S:U/C:H/I:H/
A:H
CVSS:3.1/
Use After Arbitrary AV:L/AC:L/
Free ( code Critical 7.8 PR:N/UI:R/ CVE-2023-26423
CWE-416 ) execution S:U/C:H/I:H/
A:H
CVSS:3.1/
Use After Arbitrary AV:L/AC:L/
Free ( code Critical 7.8 PR:N/UI:R/ CVE-2023-26424
CWE-416 ) execution S:U/C:H/I:H/
A:H
CVSS:3.1/
Out-of-bounds Arbitrary AV:L/AC:L/
Read ( code Critical 7.8 PR:N/UI:R/ CVE-2023-26425
CWE-125 ) execution S:U/C:H/I:H/
A:H
Acknowledgements
Adobe would like to thank the following for reporting these issues and for
working with Adobe to help protect our customers:
o Mark Vincent Yason (@MarkYason) working with Trend Micro Zero Day
Initiative - CVE-2023-26417, CVE-2023-26418, CVE-2023-26419,
CVE-2023-26420, CVE-2023-26422, CVE-2023-26423,
o AbdulAziz Hariri (@abdhariri) of Haboob SA (@HaboobSa) - CVE-2023-26405,
CVE-2023-26406, CVE-2023-26407, CVE-2023-26408
o Anonymous working with Trend Micro Zero Day Initiative - CVE-2023-26424,
CVE-2023-26425, CVE-2023-26421
o Qingyang Chen of Topsec Alpha Team CVE-2023-26395
o Koh M. Nakagawa (tsunekoh) - CVE-2023-26396
o Kai Lu (k3vinlusec) - CVE-2023-26397
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/
iQIVAwUBZDYiJMkNZI30y1K9AQigwQ/+PhmpCfHPQKIBCIDhcc8GGnzNyt3WBbxv
1ewMq2iDFuQR5dKbXRoALSZQTcFG5Mhu95gQAODoePpdD4CYuoT9HSrQxvJRcpYf
INdbLk5/bX9WM9UnKA1sqqwE2cdqFwzAy9BPvov68F7RXtyf4lOow0aSg/dsbg9h
89SKjJGo3uSRVy8ouFlONqNX3iKeDEVKeYhNpCJvDrGd5QCNvKStSUkCDJVWi4fL
uAOo/MfOFbGgL2NdoCTJzX831cFGOu1LDuLYdMdtdZ7YGwdow1AT0SUcCrGbvqe7
U5POKMCk2lo3I0MhZnkNhmUniumsF3pI6du22wKEB9tt4w/f4RMWjnjMuIPSIYuW
5Kk6o1vWtY2qrG8lp8DvV0oHeL7ydJMMxwm87mwv0jhiSRTsnhkDTrY8tvpnB0Zm
Q2AH1JJ/5lk9rj7Pn1VO1P05vuaKm8E1HUlbDMZcSxBcSiOzYcHhgK7oRBBgdfk+
PkLmBF+YxAYPKOz5ec3CKyaL7/mh/laPLAfRULN/y4KuUBLtW8eD0wJYveo+rhcU
gCFizs08sDi+9ZIOjML72Z5a0KlovxqXpX/uF52Mz4Wdb+yEHqk3zb9XtppBDXdt
30n2kMONwx0sbJA4hBLK6wDYXQYhuj6NUxne9gYln8GvtN0N38xkCsovy01TPzEk
p3Xo8EuMXtY=
=s+hq
-----END PGP SIGNATURE-----