Adobe Acrobat and Reader Untrusted Search Path Vulnerability Allowing Arbitrary Code Execution

A vulnerability has been identified in Adobe Acrobat and Reader applications for Windows and macOS, specifically in versions through 24.001.30264, 20.005.30793, 25.001.20982, 24.001.30273, and 20.005.30803. This vulnerability involves an untrusted search path that could enable attackers to execute arbitrary code in the context of the current user. By manipulating the search path used to locate essential resources, an attacker could redirect it to a malicious program that the application would then execute. Notably, exploitation of this vulnerability does not require user interaction.

Impact

Successful exploitation of this vulnerability could lead to arbitrary code execution on the affected system.

Remediation

Users are advised to update to the latest versions of Adobe Acrobat or Adobe Acrobat Reader. The latest versions can be downloaded from the Adobe website or via the Adobe Update mechanism. For IT administrators, updates can be deployed using preferred methodologies such as SCUP/SCCM on Windows or Apple Remote Desktop and SSH on macOS.