Skip to main content

Adobe Monthly Security Update (April 2023)

Release Date: 12 Apr 2023 5812 Views

RISK: Medium Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

Adobe has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotesDetails (including CVE)
Adobe Digital EditionsMedium Risk Medium RiskRemote Code Execution APSB23-04
Adobe InCopyMedium Risk Medium RiskRemote Code Execution APSB23-13
Adobe Acrobat and ReaderMedium Risk Medium RiskRemote Code Execution
Elevation of Privilege
Information Disclosure
Security Restriction Bypass
 APSB23-24
Adobe Substance 3D StagerMedium Risk Medium RiskRemote Code Execution
Information Disclosure
 APSB23-26
Adobe DimensionMedium Risk Medium RiskRemote Code Execution
Information Disclosure
 APSB23-27
Adobe Substance 3D DesignerMedium Risk Medium RiskRemote Code Execution APSB23-28

 

Number of 'Extremely High Risk' product(s): 0

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 6

Number of 'Low Risk' product(s): 0

Evaluation of overall 'Risk Level': Medium Risk


Impact

  • Elevation of Privilege
  • Information Disclosure
  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Adobe Digital Editions 4.5.11.187303 and earlier versions
  • Adobe InCopy  18.1 and earlier versions
  • Adobe InCopy  17.4 and earlier versions
  • Acrobat DC 23.001.20093 and earlier versions
  • Acrobat Reader DC 23.001.20093 and earlier versions
  • Acrobat 2020 20.005.30441 and earlier versions
  • Acrobat Reader 2020 20.005.30441 and earlier versions
  • Adobe Substance 3D Stager 2.0.1 and earlier versions
  • Adobe Dimension 3.4.8 and earlier versions
  • Adobe Substance 3D Designer 12.4.0 and earlier versions

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  • Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update

Vulnerability Identifier


Source


Related Link