Back

Arbitrary Code Execution Vulnerabilities Found in Adobe and Apple Products

Severity: Medium (Score: 54.9)

Sources: Cisecurity

Summary

Multiple vulnerabilities have been identified in Adobe and Apple products, both allowing for arbitrary code execution. The most severe vulnerabilities could enable attackers to execute code in the context of the logged-on user, potentially leading to unauthorized program installations, data manipulation, or account creation with full rights. Users with administrative privileges are at greater risk than those with limited rights. As of now, there are no confirmed reports of these vulnerabilities being exploited in the wild. Adobe products affected include Substance 3D Designer, Substance 3D Painter, and Substance 3D Sampler, while Apple products were not specified in detail. Security recommendations have been issued to mitigate risks associated with these vulnerabilities. Key Points: • Severe vulnerabilities in Adobe and Apple products could allow arbitrary code execution. • Users with administrative rights face higher risks from these vulnerabilities. • No confirmed exploitation of these vulnerabilities has been reported yet.

Key Entities

  • Zero-day Exploit (attack_type)
  • T1189 - Drive-by Compromise (mitre_attack)
  • T1203 - Exploitation for Client Execution (mitre_attack)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed