Rewterz Threat Advisory – ICS: Multiple Siemens Parasolid Vulnerabilities
October 11, 2023Rewterz Threat Advisory – Multiple Microsoft Windows Products Vulnerabilities
October 11, 2023Rewterz Threat Advisory – ICS: Multiple Siemens Parasolid Vulnerabilities
October 11, 2023Rewterz Threat Advisory – Multiple Microsoft Windows Products Vulnerabilities
October 11, 2023Severity
Medium
Analysis Summary
CVE-2023-26370 CVSS:7.8
Adobe Photoshop could allow a remote attacker to execute arbitrary code on the system, caused by an access of uninitialized pointer error. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-38217 CVSS:5.5
Refer to Adobe Security Bulletin APSB23-51 for patch, upgrade or suggested workaround information.
CVE-2023-38216 CVSS:5.5
Adobe Bridge could allow a remote attacker to obtain sensitive information, caused by a use-after-free error. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to obtain sensitive information.
Impact
- Code Execution
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-26370
- CVE-2023-38217
- CVE-2023-38216
Affected Vendors
Adobe
Affected Products
- Adobe Photoshop 2022 23.5.5
- Adobe Photoshop 2023 24.7
- Adobe Bridge 12.0.4
- Adobe Bridge 13.0.3
Remediation
Refer to Adobe Security Bulletin for patch, upgrade or suggested workaround information.