Adobe Premiere Pro Vulnerable to Heap-based Buffer Overflow
CVE-2024-53956

7.8HIGH

Key Information:

Vendor: Adobe
Status: Premiere Pro
Vendor: CVE Published:; 10 December 2024

What is CVE-2024-53956?

Adobe Premiere Pro, including versions 25.0 and 24.6.3, suffers from a Heap-based Buffer Overflow vulnerability that could enable arbitrary code execution when a victim opens a specially crafted malicious file. This requires user interaction, making it imperative for users to remain vigilant when handling unknown files. The vulnerability poses significant risks, especially in environments where Premiere Pro is widely used for video editing and content creation.

Affected Version(s)

Premiere Pro 0 <= 24.6.3

References

https://helpx.adobe.com/security/products/premiere_pro/ap...

vendor-advisory

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 10, 2024