Threat Encyclopedia

Adobe.Illustrator.CVE-2022-30649.Arbitrary.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit an Arbitrary Code Execution Vulnerability in Adobe Illustrator.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted CDR file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted CDR file.

affected-products-logoAffected Products

Adobe Illustrator 2022 26.0.2 and earlier versions
Adobe Illustrator 2021 25.4.5 and earlier versions

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://helpx.adobe.com/security/products/illustrator/apsb22-26.html

CVE References

CVE-2022-30649

Telemetry logoTelemetry