Description:

Adobe has released security updates to address several vulnerabilities in the following products:

• Adobe Premiere Elements 
  • 2022 (Version 20.0), Windows and macOS
• Adobe FrameMaker
  • 2019 Release Update 8 and earlier, Windows
  • 2020 Release Update 4 and earlier, Windows
• Illustrator 2022
  • 26.3.1 and earlier versions, Windows and macOS
• Illustrator 2021
  • 25.4.6 and earlier versions, Windows and macOS
• Adobe Commerce
  • 2.4.3-p2 and earlier versions, All Platforms
  • 2.3.7-p3 and earlier versions, All Platforms
  • 2.4.4 and earlier versions, All Platforms
•  Magento Open Source
  • 2.4.3-p2 and earlier versions, All Platforms
  • 2.3.7-p3 and earlier versions, All Platforms
  • 2.4.4 and earlier versions, All Platforms
• Acrobat DC
  • 22.001.20169 and earlier versions, Windows & macOS
• Acrobat Reader DC
  • 22.001.20169 and earlier versions, Windows & macOS
• Acrobat 2020
  • 20.005.30362 and earlier versions, Windows & macOS
• Acrobat Reader 2020
  • 20.005.30362 and earlier versions, Windows & macOS
• Acrobat 2017
  • 17.012.30249 and earlier versions, Windows & macOS
• Acrobat Reader 2017
  • 17.012.30249 and earlier versions, Windows & macOS

Threats:

Attacker could exploit these vulnerabilities by doing the following:

• Execute arbitrary code
• Unauthorized disclosure of information
• Escalation of privilege
• Bypass of a protection mechanism

Best practice and Recommendations:

The CERT team encourages users to review Adobe security advisory and apply the necessary updates:

• https://helpx.adobe.com/security/products/premiere_elements/apsb22-43.html
• https://helpx.adobe.com/security/products/framemaker/apsb22-42.html
• https://helpx.adobe.com/security/products/illustrator/apsb22-41.html
• https://helpx.adobe.com/security/products/acrobat/apsb22-39.html
• https://helpx.adobe.com/security/products/magento/apsb22-38.html