Use After Free Vulnerability in Adobe Bridge Software
CVE-2020-9567

7.8HIGH

Key Information:

Vendor: Adobe
Status: Adobe Bridge
Vendor: CVE Published:; 26 June 2020

What is CVE-2020-9567?

Adobe Bridge, a digital asset management software, is susceptible to an use after free vulnerability. In versions 10.0.1 and earlier, this flaw can be exploited to execute arbitrary code. Attackers leveraging this vulnerability could potentially manipulate the software's memory management, leading to unauthorized actions and significant security risks. Users are advised to update to the latest version to mitigate these threats.

Affected Version(s)

Adobe Bridge 10.0.1 and earlier version versions

References

https://helpx.adobe.com/security/products/bridge/apsb20-1...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2020
Vulnerability Reserved
Mar 2, 2020