4 months ago
99
The government's cybersecurity watchdog, the Computer Emergency Response Team (Cert-In) has issued a new warning for users. The latest high-severity warning is against multiple vulnerabilities discovered in several Adobe products that are being used by Indian users. According to the report, multiple vulnerabilities have been reported in Adobe products which can be exploited by an attacker to cause memory leaks and bypass security restrictions on the targeted system.
List of affected Adobe products:
- Adobe Prelude 22.6 and earlier versions
- Illustrator 2024 28.0 and earlier versions
- Illustrator 2023 27.9 and earlier versions
- Adobe InDesign ID19.0 and earlier versions.
- Adobe InDesign ID17.4.2 and earlier version
- Adobe Dimension 3.4.10 and earlier versions
- Adobe Experience Manager (AEM) Cloud Service (CS)
- Adobe Experience Manager (AEM)6.5.18.0 and earlier version
- Adobe Substance 3D Stager 2.1.1 and earlier versions
- Adobe Substance 3D Sampler 4.2.1 and earlier versions
- Adobe After Effects 24.1
- Adobe After Effects 23.6.2
- Adobe Substance 3D Designer 13.0.0 and earlier versions
Cert-In has reported multiple vulnerabilities in these Adobe products that can allow attackers to bypass security restrictions, execute arbitrary code, escalate privileges and cause a denial of services (DoS) for targeted systems.
The report also mentions that these vulnerabilities exist in Adobe due to access of uninitialised pointer dereference, improper access control, cross-site scripting, and improper input validation.
What users can do?
Cert-In has advised users who access these Adobe apps to install a proper patch as soon as it's available. For this, users have to download and install the latest versions of these apps.
FacebookTwitterLinkedin
end of article
