First published: Fri Nov 17 2023(Updated: )
Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|Affected Software||Affected Version||How to fix|
|Adobe After Effects||>=23.0<=23.6|
|Adobe After Effects||>=24.0<24.0.2|
The vulnerability ID is CVE-2023-47073.
The severity rating of CVE-2023-47073 is 7.8 (high).
Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by CVE-2023-47073.
Exploitation of CVE-2023-47073 requires user interaction in that a victim must open a malicious file.
No, Apple macOS and Microsoft Windows are not vulnerable to CVE-2023-47073.
You can find more information about CVE-2023-47073 at the following link: [https://helpx.adobe.com/security/products/after_effects/apsb23-66.html](https://helpx.adobe.com/security/products/after_effects/apsb23-66.html)