Rewterz Threat Alert – Cyclops Blink – Active IOCs
March 18, 2022Rewterz Threat Advisory – CVE-2022-26899 – Microsoft Edge (Chromium-based) Vulnerability
March 21, 2022Rewterz Threat Alert – Cyclops Blink – Active IOCs
March 18, 2022Rewterz Threat Advisory – CVE-2022-26899 – Microsoft Edge (Chromium-based) Vulnerability
March 21, 2022Severity
High
Analysis Summary
CVE-2022-24091
Adobe Acrobat Reader DC could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write flaw in the parsing of embedded fonts. By persuading a victim to open a specially-crafted font file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.
CVE-2022-24092
Adobe Acrobat Reader DC could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write flaw in the parsing of embedded fonts. By persuading a victim to open a specially-crafted font file, an attacker could exploit this vulnerability to execute arbitrary code in the context of the current process.
Impact
- Code Execution
Indicator Of Compromise
CVE
- CVE-2022-24091
Affected Vendors
Adobe
Affected Products
- Adobe Acrobat Reader DC 21.007.20099
Remediation
Refer to Adobe Security Advisory for patch, upgrade, or suggested workaround information.