CVE-2020-24423: Uncontrolled Search Path in Adobe Media Encoder for Windows
First published: Wed Oct 21 2020(Updated: )
Adobe Media Encoder version 14.4 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Credit: psirt@adobe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Adobe Media Encoder | <=14.4 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2020-24423.
What is the affected software for this vulnerability?
The affected software for this vulnerability is Adobe Media Encoder version 14.4 (and earlier) for Windows.
What is the severity rating of CVE-2020-24423?
The severity rating of CVE-2020-24423 is high with a severity value of 7.8.
How can this vulnerability be exploited?
Exploitation of this vulnerability requires user interaction in that a victim must open a malicious file.
Is there a fix available for CVE-2020-24423?
Yes, please refer to Adobe's security advisory at https://helpx.adobe.com/security/products/media-encoder/apsb20-65.html for information on available fixes.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/title
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- vendor/adobe
- canonical/adobe media encoder
- version/adobe media encoder/14.4
- vendor/microsoft
- canonical/microsoft windows