What is the severity of CVE-2020-9694?

CVE-2020-9694 has a critical severity level due to its potential for arbitrary code execution.

How do I fix CVE-2020-9694?

To address CVE-2020-9694, update Adobe Acrobat and Reader to the latest version provided by Adobe.

Which versions of Adobe Acrobat and Reader are affected by CVE-2020-9694?

Affected versions include Adobe Acrobat and Reader versions 2020.009.20074 and earlier, and various earlier versions of 2020, 2017, and 2015.

Can CVE-2020-9694 be exploited remotely?

Yes, CVE-2020-9694 can be exploited remotely, allowing attackers to execute arbitrary code.

What are the consequences of exploiting CVE-2020-9694?

Exploitation of CVE-2020-9694 could lead to unauthorized access and control over the victim's system.

Vulnerability/
CVE-2020-9694

high

7.8

CWE

787

19/8/2020

4/8/2024

21/2/2025

CVE-2020-9694: Adobe Acrobat Reader DC JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

First published: Wed Aug 19 2020(Updated: )

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

Credit: psirt@adobe.com

Affected Software	Affected Version	How to fix
Adobe Acrobat Reader
Adobe Acrobat	>=15.006.30060<=15.006.30523
Adobe Acrobat	>=15.008.20082<=20.009.20074
Adobe Acrobat	>=17.011.30059<=17.011.30171
Adobe Acrobat	=20.001.30002
Adobe Acrobat Reader	>=15.006.30060<=15.006.30523
Adobe Acrobat Reader	>=15.008.20082<=20.009.20074
Adobe Acrobat Reader	>=17.011.30059<=17.011.30171
Adobe Acrobat Reader	=20.001.30002
Apple iOS and macOS
Microsoft Windows

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2020-9694?
CVE-2020-9694 has a critical severity level due to its potential for arbitrary code execution.
How do I fix CVE-2020-9694?
To address CVE-2020-9694, update Adobe Acrobat and Reader to the latest version provided by Adobe.
Which versions of Adobe Acrobat and Reader are affected by CVE-2020-9694?
Affected versions include Adobe Acrobat and Reader versions 2020.009.20074 and earlier, and various earlier versions of 2020, 2017, and 2015.
Can CVE-2020-9694 be exploited remotely?
Yes, CVE-2020-9694 can be exploited remotely, allowing attackers to execute arbitrary code.
What are the consequences of exploiting CVE-2020-9694?
Exploitation of CVE-2020-9694 could lead to unauthorized access and control over the victim's system.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/title
agent/severity
agent/weakness
agent/last-modified-date
agent/author
agent/description
agent/first-publish-date
agent/trending
agent/source
collector/zdi-advisory
source/ZDI
alias/ZDI-20-983
alias/ZDI-CAN-11026
alias/CVE-2020-9694
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
agent/event
collector/nvd-index
vendor/adobe
canonical/adobe acrobat reader
canonical/adobe acrobat
version/adobe acrobat/15.006.30060
version/adobe acrobat/15.006.30523
version/adobe acrobat/15.008.20082
version/adobe acrobat/20.009.20074
version/adobe acrobat/17.011.30059
version/adobe acrobat/17.011.30171
version/adobe acrobat/20.001.30002
version/adobe acrobat reader/15.006.30060
version/adobe acrobat reader/15.006.30523
version/adobe acrobat reader/15.008.20082
version/adobe acrobat reader/20.009.20074
version/adobe acrobat reader/17.011.30059
version/adobe acrobat reader/17.011.30171
version/adobe acrobat reader/20.001.30002
vendor/apple
canonical/apple ios and macos
vendor/microsoft
canonical/microsoft windows