India’s CERT-In Issues Security Warning for Several Adobe Products

India's CERT-In Issues Security Warning for Adobe Products

If you are someone who uses Adobe software for your design and productivity needs, you need to update to the latest version right now. The Indian Computer Emergency Response Team (CERT-In) has issued a warning regarding bugs in Adobe’s software suite.

CERT-In Issues Security Warning For Adobe Products

According to CERT-In’s warning, multiple vulnerabilities have been reported in Adobe products that could let attackers gain elevated privileges, execute arbitrary code, write arbitrary files on the file system and even cause memory leak on the targeted system.

The newly discovered vulnerabilities affect multiple Adobe products, including InDesign, InCopy, Illustrator, Bridge, Animate, and RoboHelp server† You can check the exact versions of the software affected below:

  • Adobe InDesign 17.2.1 and earlier versions for Windows and macOS
  • Adobe InDesign 16.4.1 and earlier versions for Windows and macOS
  • Adobe InCopy 17.2 and earlier version for Windows and macOS
  • Adobe InCopy 16.4.1 and earlier version for Windows and macOS
  • Illustrator 2022 26.0.2 and earlier versions for Windows and macOS
  • Illustrator 2021 25.4.5 and earlier versions for Windows and macOS
  • Adobe Bridge 12.0.1 and earlier versions for Windows and macOS
  • Adobe Animate 22.0.5 and earlier versions for Windows and macOS
  • RoboHelp Server RHS 11 (Update 3) and earlier versions for Windows

“These vulnerabilities exist in Adobe products due to improper Input Validation, improper authorization, heap-based buffer overflow, out-of-bounds Write, out-of-bounds read and use after free flaws,” explains the warning.

“An attacker could exploit these vulnerabilities by persuading the victim to open a specially crafted file or application. Successful exploitation of these vulnerabilities could allow an attacker to gain elevated privileges, execute arbitrary code, write arbitrary files on the file system and cause memory leak on the targeted system,” the warning note added.

The advisory urges affected users to visit Adobe’s security bulletin page and install the relevant updates to prevent the attack. If you’re someone who uses Adobe products, you can check the security bulletin from here and update to the latest available version to stay safe.

Related Posts