Rewterz Threat Alert – Molerats APT -Active IOCs
February 10, 2022Rewterz Threat Update – Windows Utility Regsvr32 Targeted by Cybercriminals – Active IOCs
February 10, 2022Rewterz Threat Alert – Molerats APT -Active IOCs
February 10, 2022Rewterz Threat Update – Windows Utility Regsvr32 Targeted by Cybercriminals – Active IOCs
February 10, 2022Severity
Medium
Analysis Summary
CVE-2022-23202
Adobe Creative Cloud could allow a remote attacker to execute arbitrary code on the system, caused by an uncontrolled search path element flaw. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2022-23200
Adobe After Effects could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write. By persuading a victim to open a specially-crafted document, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Code Execution
Indicators of Compromise
CVE
- CVE-2022-23202
- CVE-2022-23200
Affected Vendors
- Adobe
- Adobe Creative Cloud
Affected Products
- Adobe Creative Cloud Desktop Application (Installer) 2.7.0.13
- Adobe After Effects 22.1.1
- Adobe After Effects 18.4.3
Remediation
Refer to Adobe Security Bulletin for patch, upgrade or suggested workaround information.
CVE-2022-23202