CVE-2020-3803

EUVD-2020-25068
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
Affected Products (NVD)
VendorProductVersion
adobeacrobat_dc
15.006.30060 ≤
𝑥
< 15.006.30518
adobeacrobat_dc
15.008.20082 ≤
𝑥
< 20.006.20042
adobeacrobat_dc
17.011.30059 ≤
𝑥
< 17.011.30166
adobeacrobat_reader_dc
15.006.30060 ≤
𝑥
< 15.006.30518
adobeacrobat_reader_dc
15.008.20082 ≤
𝑥
< 20.006.20042
adobeacrobat_reader_dc
17.011.30059 ≤
𝑥
< 17.011.30166
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://helpx.adobe.com/security/products/acrobat/apsb20-13.html
https://helpx.adobe.com/security/products/acrobat/apsb20-13.html