First published: Wed Feb 16 2022(Updated: )
Credit: psirt@adobe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Adobe Illustrator | <=25.4.3 | |
Adobe Illustrator | >=26.0.0<=26.0.2 | |
Apple macOS | ||
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-23195 is an out-of-bounds read vulnerability in Adobe Illustrator versions 25.4.3 and 26.0.2 that could lead to disclosure of sensitive memory.
CVE-2022-23195 affects Adobe Illustrator versions 25.4.3 and 26.0.2 by allowing an attacker to bypass mitigations like ASLR and potentially access sensitive memory.
Exploitation of CVE-2022-23195 requires user interaction, such as opening a malicious file, that triggers the out-of-bounds read vulnerability in Adobe Illustrator.
CVE-2022-23195 has a severity rating of 5.5 (medium).
Yes, Adobe has released a security update to address CVE-2022-23195. It is recommended to update to the latest version of Adobe Illustrator.