First published: Fri Nov 17 2023(Updated: )
Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|Affected Software||Affected Version||How to fix|
|Adobe After Effects||>=23.0<=23.6|
|Adobe After Effects||>=24.0<24.0.2|
The vulnerability ID is CVE-2023-47070.
The severity of CVE-2023-47070 is high with a CVSS score of 7.8.
Adobe After Effects versions 24.0.2 and earlier, as well as versions 23.6 and earlier, are affected by this vulnerability.
Exploitation of this vulnerability requires user interaction, where a victim must open a malicious file in Adobe After Effects.
No, Microsoft Windows and Apple macOS are not affected by this vulnerability.