CVE-2020-9713
MediumCVSS 5.5Exploitation Probability (EPSS)
Low risk8th percentile — higher than 8% of all known CVEs
Summary
A vulnerability in Adobe Acrobat and Reader allows out-of-bounds memory read, potentially leading to disclosure of sensitive data. An attacker can exploit this flaw to access confidential information, but it requires the victim to open a specially crafted file.
Risk Assessment
The risk involves potential leakage of confidential data from process memory, which could expose the organization to loss of business information or user data.
Recommendation
It is recommended to immediately update Adobe Acrobat and Reader to the latest versions that include fixes for this vulnerability.
Original NVD description (English source)
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

