CVE-2023-21608
Adobe Acrobat and Reader Use-After-Free Vulnerability
CVSS
—
No CVSS
EPSS
61.5%
p99
KEV
YES
Oct 10, 2023
Exploit Today
80
0-100
Published: — · Last modified: —
61.5%EPSS · 30 days61.5%
2026-06-302026-07-16
Product
Adobe / Acrobat and Reader
Vulnerability
Adobe Acrobat and Reader Use-After-Free Vulnerability
Added to KEV
Oct 10, 2023
Remediate by
Oct 31, 2023
Known ransomware use
No
Summary description
Adobe Acrobat and Reader contains a use-after-free vulnerability that allows for code execution in the context of the current user.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
https://helpx.adobe.com/security/products/acrobat/apsb23-01.html; https://nvd.nist.gov/vuln/detail/CVE-2023-21608
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2008-2992—99.9%
KEV—80Adobe Reader and Acrobat Input Validation Vulnerability—CVE-2007-5659—99.8%
KEV—80Adobe Acrobat and Reader Buffer Overflow Vulnerability—CVE-2009-3459—99.7%
KEV—80Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability—CVE-2021-21017—99.7%
KEV—80Adobe Acrobat and Reader Heap-based Buffer Overflow Vulnerability—CVE-2009-3953—99.7%
KEV—80Adobe Acrobat and Reader Universal 3D Remote Code Execution Vulnerability—CVE-2010-2883—99.6%
KEV—80Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability—