Issued: Thursday, 14 April, 2022 |
Last Revision: Thursday, 14 April, 2022 |
Vendor: |
Product: |
Severity Level: |
Adobe has issued security update for Apr 2022, which address multiple critical, important and moderate vulnerabilities in its products. It appears that none of Adobe's bugs fixed in this month are publicly known or under active attack.
Adobe products that are patched in this month security update includes- Adobe Acrobat and Reader, Adobe Photoshop, Adobe After Effects and Adobe Commerce.
Adobe has fixed problem of arbitrary code execution, memory leak, security feature bypass and privilege escalation.
CVE/Vulnerability | Description | Severity |
Multiple Vulnerabilities | Arbitrary code execution, memory leak, security feature bypass and privilege escalation | Critical |
CVE-2022-27783 CVE-2022-27784 | Arbitrary code execution | Critical |
Multiple Vulnerabilities | Arbitrary code execution | Critical |
CVE-2022-24093 | Arbitrary code execution | Critical |
Table 1: Vulnerability details
Affected Product(s) | Version | Platform |
Acrobat DC | 22.001.20085 and earlier versions | Windows & macOS |
Acrobat Reader DC | 22.001.20085 and earlier versions | Windows & macOS |
Acrobat 2020 | 20.005.30314 and earlier versions (Windows) 20.005.30311 and earlier versions (macOS) | Windows & macOS |
Acrobat Reader 2020 | 20.005.30314 and earlier versions (Windows) 20.005.30311 and earlier versions (macOS) | Windows & macOS |
Acrobat 2017 | 17.012.30205 and earlier versions | Windows & macOS |
Acrobat Reader 2017 | 17.012.30205 and earlier versions | Windows & macOS |
Adobe After Effects | 22.2.1 and earlier versions | Windows & macOS |
Adobe After Effects | 18.4.5 and earlier versions | Windows & macOS |
Photoshop 2021 | 22.5.6 and earlier versions | Windows & macOS |
Photoshop 2021 | 23.2.2 and earlier versions | Windows & macOS |
Adobe Commerce | 2.4.3-p1 and earlier versions
| All |
Adobe Commerce | 2.3.7-p2 and earlier versions | All |
Magento Open Source | 2.4.3-p1 and earlier versions
| All |
Magento Open Source | 2.3.7-p2 and earlier versions | All |
Table 2: Vulnerable versions
Organizations are strongly encouraged to apply appropriate update using the vendor provided instruction as soon as possible.