Adobe has released security patches to address vulnerabilities in its Reader Mobile and Connect products.
“Adobe has published security bulletins for Adobe Connect (APSB20-69) and Adobe Reader Mobile (APSB20-71). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the relevant bulletin.” reads the security advisory published by the company.
The flaws have been reported to Adobe by researchers Saulius Pranckevicius from Danske Bank Red Team (CVE-2020-24442) and Shaun Budding (@pudsec) (CVE-2020-24443).
The software giant addressed the flaw with the release of Connect 11.0.5.
In Adobe Reader Mobile for Android, the company addressed an important-severity improper access control flaw, tracked as CVE-2020-24441, that can lead to the disclosure of sensitive information.
The vulnerability was reported to Adobe by the security researcher Pedro Oliveira (@kanytu).
The good news is that the company is not aware of any attacks in the wild exploiting these vulnerabilities.
In early November, Adobe has addressed 14 vulnerabilities in its Acrobat products, including critical flaws that can be exploited by attackers for arbitrary code execution.
The vulnerabilities impact the Windows and macOS versions of Acrobat DC, Acrobat Reader DC, Acrobat 2020, Acrobat Reader 2020, Acrobat 2017, and Acrobat Reader 2017.
(SecurityAffairs – hacking, Adobe )
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.