Multiple Adobe Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-30275 CVSS:7.8

Adobe Aero could allow a remote attacker to execute arbitrary code on the system, caused by a use-after-free error. By persuading a victim to open a specially crafted document, an attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash.

CVE-2024-30314 CVSS:7.8

Adobe Dreamweaver could allow a remote attacker to execute arbitrary code on the system, caused by an OS command injection error. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to execute arbitrary commands on the system with the privileges of the victim or cause the application to crash.

Impact

Gain Access

Indicators of Compromise

CVE

CVE-2024-30275
CVE-2024-30314

Affected Vendors

Adobe

Affected Products

Adobe Aero 0.23.4
Adobe Dreamweaver 21.3

Remediation

Refer to Adobe Security Advisory for patch, upgrade or suggested workaround information.

CVE-2024-30275

CVE-2024-30314

Multiple Adobe FrameMaker Vulnerabilities

Cybercriminals Leverage FileZilla and GitHub to Distribute Malware – Active IOCs

Multiple Adobe Products Vulnerabilities

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan