Issued: Wednesday, 26 October, 2022 |
Last Revision: Wednesday, 26 October, 2022 |
Vendor: |
Product: |
Severity Level: |
Updates released by Adobe for its Illustrator product patch two vulnerabilities that could lead to arbitrary code execution. According to Adobe, Illustrator 2021 and 2022 for Windows and macOS are affected by improper input validation and outof-bounds read vulnerabilities that could lead to malicious code execution.
| CVE/Vulnerability | Description | CVSS 3.1 Base Score | Exploitable |
| |
| CVE-2022-38435 | Arbitrary code execution | 7.8 | No |
| |
| CVE-2022-38436 | Arbitrary code execution | 7.8 | No |
| |
Table 1: Vulnerability details
|
| |||
| CVE/Vulnerability | Product(s) Detail |
| |
| CVE-2022-38435 CVE-2022-38436 | Illustrator 2022 26.4 and earlier versions Illustrator 2021 25.4.7 and earlier versions |
| |
Table 2: Vulnerable versions
We recommend all entities to follow the Adobe recommendation, to update to the latest version.