Adobe Acrobat and Reader Improper Verification of Cryptographic Signature Vulnerability Allowing Security Feature Bypass
Vulnerability
A vulnerability has been identified in Adobe Acrobat and Reader versions through 25.001.20982, 24.001.30264, 24.001.30273, 20.005.30793, and 20.005.30803. This vulnerability involves improper verification of cryptographic signatures, which could lead to a bypass of security features. Exploitation of this issue could allow an attacker to circumvent cryptographic protections and gain limited unauthorized write access, without requiring user interaction.
Impact
Exploitation of this vulnerability could result in a bypass of cryptographic protections, allowing unauthorized write access.
Remediation
Users are advised to update to the latest versions of Adobe Acrobat or Reader. The latest versions can be downloaded from the Adobe website or via the Adobe Update mechanism. For IT administrators, updates are available through various deployment methods, including SCCM and Apple Remote Desktop.
