Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-9715

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .

Published

2020-08-19T14:15:13.407

Last Modified

2025-05-05T17:16:05.580

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

  • Access Vector: NETWORK
  • Access Complexity: MEDIUM
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
Exploitability Score

8.6

Impact Score

10.0

Weaknesses
  • Type: Primary
    CWE-416
  • Type: Secondary
    CWE-416
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application adobe acrobat_dc ≤ 15.006.30523 Yes
Application adobe acrobat_dc ≤ 20.009.20074 Yes
Application adobe acrobat_dc ≤ 17.011.30171 Yes
Application adobe acrobat_dc 20.001.30002 Yes
Application adobe acrobat_reader_dc ≤ 15.006.30523 Yes
Application adobe acrobat_reader_dc ≤ 20.009.20074 Yes
Application adobe acrobat_reader_dc ≤ 17.011.30171 Yes
Application adobe acrobat_reader_dc 20.001.30002 Yes
Operating System apple macos - No
Operating System microsoft windows - No
References