Skip to main content
Creating a new NHS England: Health Education England, NHS Digital and NHS England have merged. More about the merger.

Actively Exploited Critical Vulnerability in Adobe Acrobat and Reader

Adobe releases three security updates to address multiple vulnerabilities including an actively exploited Critical vulnerability in Adobe Acrobat and Reader

Threat ID:
CC-4380
Threat Severity:
Medium
Published:
13 September 2023 4:04 PM
Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Adobe releases three security updates to address multiple vulnerabilities including an actively exploited Critical vulnerability in Adobe Acrobat and Reader

Affected platforms

The following platforms are known to be affected:

Adobe Acrobat and Reader for Windows & macOS

Adobe Connect

Adobe Experience Manager

Threat details

Introduction

Adobe has released security updates to address multiple vulnerabilities in Adobe Connect, Adobe Acrobat and Reader and Adobe Experience Manager. The security updates include an actively exploited Critical vulnerability in Adobe Acrobat and Reader. The vulnerability is known as CVE-2023-26369, with CVSSv3 score of 7.8. Successful exploitation could lead to arbitrary code execution.

Exploitation of CVE-2023-26369

Adobe is aware that CVE-2023-26369 has been exploited in the wild

Remediation advice

Organisations are encouraged to review the Adobe security advisory for the following products and apply the relevant updates.

Remediation steps

Type Step
Patch

Security update available for Adobe Acrobat and Reader | APSB23-34


https://helpx.adobe.com/security/products/acrobat/apsb23-34.html
Patch

Security update available for Adobe Connect | APSB23-33 


https://helpx.adobe.com/security/products/connect/apsb23-33.html
Patch

Security update available for Adobe Experience Manager | APSB23-43


https://helpx.adobe.com/security/products/experience-manager/apsb23-43.html

Definitive source of threat updates

Last edited: 13 September 2023 4:04 pm