Issued: Thursday, 10 February, 2022 |
Last Revision: Thursday, 10 February, 2022 |
Vendor: |
Product: |
Severity Level: |
Adobe has issued security update for Feb 2022, which address multiple critical, important and moderate vulnerabilities in its products.
Adobe products that are patched in this month security update includes- Adobe Premiere Rush, Illustrator, Photoshop, Adobe After Effects, and Creative Cloud Desktop Application.
Adobe has fixed problem of denial-of-service (DoS), arbitrary code execution, privilege escalation, and memory leaks.
CVE/Vulnerability | Description | Severity |
CVE-2022-23204 | Privilege escalation | Moderate |
Multiple CVEs | Privilege escalation, application denial of service, and memory leak | Critical, Important and Moderate |
CVE-2022-23203 | Arbitrary code execution | Critical |
CVE-2022-23200 | Arbitrary code execution | Critical |
CVE-2022-23202 | Arbitrary code execution | Critical |
Table 1: Vulnerability details
Affected Product(s) | Version | Platform |
Adobe Premiere Rush | 2.0 and earlier versions | Windows |
Illustrator 2022 | 26.0.2 and earlier versions
| Windows and macOS |
Illustrator 2021 | 25.4.3 and earlier versions | Windows and macOS |
Photoshop 2021 | 22.5.4 and earlier versions | Windows and macOS |
Photoshop 2022 | 23.1 and earlier versions | Windows and macOS |
Adobe After Effects | 22.1.1 and earlier versions | Windows and macOS |
Adobe After Effects | 18.4.3 and earlier versions | Windows and macOS |
Creative Cloud Desktop Application (Installer) | 2.7.0.13 and earlier versions | Windows |
Table 2: Vulnerable versions
Organizations are strongly encouraged to review and apply appropriate update using the vendor provided instruction, particularly patches for critical vulnerabilities