Rewterz Threat Advisory – Multiple Adobe Bridge Vulnerabilties

Severity

Medium

Analysis Summary

CVE-2023-22231 CVSS:5.5

Adobe Bridge could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.

CVE-2023-22230 CVSS:7.8

Adobe Bridge could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-22229 CVSS:7.8

Adobe Bridge could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-22228 CVSS:7.8

Adobe Bridge could allow a remote attacker to execute arbitrary code on the system, caused by improper input validation. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2023-22226 CVSS:7.8

Adobe Bridge vulnerable to a stack-based buffer overflow. By persuading a victim to open a specially-crafted document, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

CVE-2023-21583 CVSS:5.5

Adobe Bridge could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds read. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.

CVE-2023-22227 CVSS:7.8

Adobe Bridge could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write error. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

Code Execution
Information Disclosure
Buffer Overflow

Indicators Of Compromise

CVE

CVE-2023-22231
CVE-2023-22230
CVE-2023-22229
CVE-2023-22228
CVE-2023-22226
CVE-2023-21583
CVE-2023-22227

Affected Vendors

Adobe

Affected Products

Adobe Bridge 12.0.3
Adobe Bridge 13.0.1

Remediation

Refer to Adobe Security Bulletin for patch, upgrade or suggested workaround information.

Adobe Security Bulletin

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – Multiple Adobe Photoshop Vulnerabilties

Rewterz Threat Advisory – Multiple Mozilla Firefox Vulnerabilities

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.