Rewterz

Rewterz Threat Advisory – Multiple Adobe Illustrator Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2022-44502 CVSS:5.5

An out-of-bounds read in Adobe Illustrator could allow a remote attacker to obtain sensitive information. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.

CVE-2022-38436 CVSS:7.8

An out-of-bounds read flaw in Adobe Illustrator could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted CDR file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

CVE-2022-38435 CVSS:5.5

A memory corruption flaw in Adobe Illustrator could allow a remote attacker to execute arbitrary code on the system. By persuading a victim to open a specially crafted PCX file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

Impact

  • Code Execution
  • Information Disclosure

Indicators Of Compromise

CVE

  • CVE-2022-44502
  • CVE-2022-38436
  • CVE-2022-38435

Affected Vendors

Adobe

Affected Products

  • Adobe Illustrator 2022 26.5.1
  • Adobe Illustrator 2023 27.0
  • Adobe Illustrator 2022 26.4
  • Adobe Illustrator 2021 25.4.7

Remediation

Refer to the Adobe Security Bulletin for patch, upgrade, or suggested workaround information.

CVE-2022-44502

CVE-2022-38436

CVE-2022-38435
