Critical Adobe Acrobat Reader Vulnerabilities Exposed: Millions at Risk

Recently, Cisco’s Talos intelligence group unveiled critical vulnerabilities in Adobe Acrobat Reader, a widely used PDF tool. These vulnerabilities, if exploited, could lead to arbitrary code execution, compromising the security and privacy of millions of users.

CVE-2023-44336 (CVSS score of 8.8) Adobe Acrobat Reader Thermometer use-after-free vulnerability

The first vulnerability, CVE-2023-44336, resides within the Thermometer JavaScript object, a component responsible for rendering PDF documents with embedded JavaScript code. An attacker exploiting this vulnerability could craft malicious JavaScript code that triggers a use-after-free condition, leading to memory corruption and, ultimately, arbitrary code execution.

There exists a vulnerability in the way Adobe Reader DC handles Thermometer object which can lead to a use-after-free vulnerability,” Cisco’s security researchers explain.

CVE-2023-44372 (CVSS score of 8.8) Adobe Acrobat Reader U3D page event use-after-free vulnerability

The second vulnerability, CVE-2023-44372, stems from a flaw in Adobe Acrobat’s handling of U3D page event processing. U3D, a file format for 3D graphics, is commonly encountered in interactive PDFs. The vulnerability arises from an improper handling of event objects associated with U3D content. This flaw could be exploited to gain arbitrary read and write access to the victim’s system, paving the way for arbitrary code execution.

The crash occurs when esi is dereferenced, as if it were an object pointer. Depending on the memory layout of the process, it may be possible to abuse this vulnerability for arbitrary read and write access, which could ultimately be abused to achieve arbitrary code execution,” Cisco’s security researchers explain.

Mitigation Strategies

Fortunately, Adobe has promptly addressed both vulnerabilities through security updates. It is crucial for users to ensure they are running the latest version of Adobe Acrobat Reader to minimize their exposure to these threats.

In addition to applying the latest security patches, users can further safeguard themselves by adopting a proactive approach to cybersecurity:

  • Avoid opening unsolicited PDF attachments from unknown senders.

  • Download PDF files only from trusted sources.

  • Enable Adobe Acrobat Reader’s enhanced security mode.

  • Keep your operating system and other software up to date.