Exposures › CVE-2020-9715
Adobe Acrobat use-after-free vulnerability (CVE-2020-9715) enables remote code execution and was actively exploited in the wild.
This use-after-free flaw in Adobe Acrobat allows attackers to execute arbitrary code remotely, posing a severe risk to DIB organizations relying on Acrobat for document handling. The vulnerability was actively exploited before a patch existed, creating a zero-day window that compromises confidentiality and integrity of sensitive data. DIB orgs must immediately patch Acrobat and audit all document processing workflows to prevent unauthorized access.
Shame score — Adobe failed to patch a critical use-after-free vulnerability promptly, allowing active exploitation in the wild before disclosure.
Adobe Acrobat contains a use-after-free vulnerability that allows for code execution
| Product | Provider | Status | Match |
|---|---|---|---|
| Adobe Acrobat Sign for Government | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Analytics | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Campaign | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Connect Managed Services (ACMS-GC) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Creative Cloud for Enterprise | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Document Cloud (PDF Services & Adobe Sign) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Experience Manager Managed Services (AEMMS-GC) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Learning Manager | Adobe | Authorized | vendor-exact · 0.90 |