Adobe Acrobat < 2017.011.30180 / 2020.001.30010 / 2020.013.20064 Multiple Vulnerabilities (APSB20-67) (macOS)

high Nessus Plugin ID 142468

Synopsis

The version of Adobe Acrobat installed on the remote macOS host is affected by multiple vulnerabilities.

Description

The version of Adobe Acrobat installed on the remote macOS host is a version prior to 2017.011.30180, 2020.001.30010, or 2020.013.20064. It is, therefore, affected by multiple vulnerabilities.

- Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. (CVE-2020-24437)

- Adobe Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a local privilege escalation vulnerability that could enable a user without administrator privileges to delete arbitrary files and potentially execute arbitrary code as SYSTEM. Exploitation of this issue requires an attacker to socially engineer a victim, or the attacker must already have some access to the environment. (CVE-2020-24433)

- Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a heap-based buffer overflow vulnerability in the submitForm function, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file in Acrobat Reader.
(CVE-2020-24435)

- Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) and Adobe Acrobat Pro DC 2017.011.30175 (and earlier) are affected by an improper input validation vulnerability that could result in arbitrary JavaScript execution in the context of the current user. To exploit this issue, an attacker must acquire and then modify a certified PDF document that is trusted by the victim. The attacker then needs to convince the victim to open the document.
(CVE-2020-24432)

- Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a security feature bypass. While the practical security impact is minimal, a defense-in-depth fix has been implemented to further harden the Adobe Reader update process. (CVE-2020-24439)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Adobe Acrobat version 2017.011.30180 / 2020.001.30010 / 2020.013.20064 or later.

See Also

https://helpx.adobe.com/security/products/acrobat/apsb20-67.html

Plugin Details

Severity: High

ID: 142468

File Name: macos_adobe_acrobat_apsb20-67.nasl

Version: 1.11

Type: local

Agent: macosx

Published: 11/5/2020

Updated: 11/20/2024

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.5

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2020-24433

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS Score Source: CVE-2020-24437

Vulnerability Information

CPE: cpe:/a:adobe:acrobat

Required KB Items: Host/local_checks_enabled, Host/MacOSX/Version, installed_sw/Adobe Acrobat

Exploit Ease: No known exploits are available

Patch Publication Date: 11/3/2020

Vulnerability Publication Date: 11/3/2020

Reference Information

CVE: CVE-2020-24426, CVE-2020-24427, CVE-2020-24428, CVE-2020-24429, CVE-2020-24430, CVE-2020-24431, CVE-2020-24432, CVE-2020-24433, CVE-2020-24434, CVE-2020-24435, CVE-2020-24436, CVE-2020-24437, CVE-2020-24438, CVE-2020-24439

IAVA: 2020-A-0506-S