Researchers at Cisco Talos are detailing a remote code execution vulnerability found in Adobe Acrobat Reader DC that can be triggered when a malicious file is opened or a victim accesses a rigged webpage.
According to Talos, the vulnerability (CVE-2018-4901) was disclosed on Dec. 7 and Adobe issued a patch on Feb. 13. Researchers are now sharing the details of its discovery. Affected are Adobe Acrobat Reader versions 2018.009.20050 and 2017.011.30070 and earlier.
Adobe rates the vulnerability with a “priority 2”, or as important, meaning that the bug presents an “elevated risk” and there are currently no known exploits in the wild.
“Adobe Acrobat Reader is the most popular and most feature-rich PDF reader. It has a big user base, is usually a default PDF reader on systems and integrates into web browsers as a plugin for rendering PDFs,” according to Talos Group in a statement. “As such, tricking a user into visiting a malicious web page or sending a specially crafted email attachment can be enough to trigger this vulnerability.”
The vulnerability, which was discovered by Aleksandar Nikolic of Talos, is one of several patched by Adobe in February. In its Adobe security advisory it lists 41 vulnerabilities in Acrobat and Reader, including 17 critical ones that “could potentially allow an attacker to take control of the affected system.”