Security Advisory: Adobe Vulnerabilities Allow Arbitrary Code Execution
CyberHoot Vulnerability Alert Management Process Rating (VAMP): Critical/Red
June 15th, 2022: CyberHoot has learned of multiple Adobe Product vulnerabilities, where the most severe of which could allow for arbitrary code execution. This means a hacker could exploit some of these vulnerabilities to take control of an affected system.
Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with administrative rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
Adobe Product Vulnerabilities
The technical details of the vulnerabilities are as follows:
Adobe Premiere Rush
- Out-of-bounds Read, which could allow for Privilege escalation. (CVE-2022–23204)
- Out-of-bounds Write which could allow for Arbitrary code execution. (CVE-2022–23186)
- NULL Pointer Dereference which could allow for Application denial-of-service (CVE-2022–23189, CVE-2022–23198, CVE-2022–23199)
- Access of Memory Location After End of Buffer which could allow for a Memory leak (CVE-2022–23190, CVE-2022–23191, CVE-2022–23192, CVE-2022–23193, CVE-2022–23194, CVE-2022–23195)
- Out-of-bounds Read which could allow for a Memory leak (CVE-2022–23196, CVE-2022–23197)
- Buffer Overflow which could allow for Arbitrary code execution (CVE-2022–23188)
- Buffer Overflow which could allow for Arbitrary code execution. (CVE-2022–23203)
Adobe After Effects
- Out-of-bounds Write which could allow for Arbitrary code execution. (CVE-2022–23200)
Adobe Creative Cloud Desktop
- Uncontrolled Search Path Element which could allow for arbitrary code execution. (CVE-2022–23202)
What Should You Do?
CyberHoot recommends that the following actions be taken to secure your Adobe software and company systems:
- Install the updates provided by Adobe immediately.
- Go to your Adobe Creative Cloud app > Under Apps, Click Updates > Click Update All in the top right corner
- Go to any Adobe Application > Click the Help menu (top of your screen) > Click Updates > You will be prompted to update the software
- Run all software as a non-privileged user (without administrative privileges) to reduce the effects of a successful attack.
- Train users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.
- Inform and educate users regarding the threats posed by hypertext links contained in emails or attachments, especially from un-trusted sources.
- Apply the Principle of Least Privilege to all systems and services.
YOU HAVE A VULNERABILITY ALERT MANAGEMENT PROCESS, RIGHT?
If you’re a subscriber to CyberHoot’s services, you’ll have access to our Policy and Process library which contains the vulnerability alert management process document. This document prescribes how to respond to situations like this and in what time frame. If your company has not yet adopted a VAMP-like process, now is a great time to get started.