CVE-2020-24420 – This vulnerability in Adobe Photoshop allows at... (How to Fix)

Q: What is the severity of CVE-2020-24420?

CVE-2020-24420 has a CVSS score of 7.0 (HIGH). This vulnerability in Adobe Photoshop allows attackers to execute arbitrary code on Windows systems by tricking users into opening malicious files. It affects Photoshop version 21.2.1 and earlier on Windows. The attack requires user interaction but can lead to full system compromise under the current user's privileges.

📋 TL;DR

This vulnerability in Adobe Photoshop allows attackers to execute arbitrary code on Windows systems by tricking users into opening malicious files. It affects Photoshop version 21.2.1 and earlier on Windows. The attack requires user interaction but can lead to full system compromise under the current user's privileges.

💻 Affected Systems

Products:

Adobe Photoshop

Versions: 21.2.1 and earlier

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects Windows versions of Photoshop. Requires user to open a malicious file.

📦 What is this software?

Photoshop by Adobe

View all CVEs affecting Photoshop →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise with attacker gaining the same privileges as the logged-in user, potentially leading to data theft, ransomware deployment, or lateral movement within the network.

🟠

Likely Case

Malware installation or data exfiltration from the affected workstation, with potential for credential theft if the user has elevated privileges.

🟢

If Mitigated

Limited to isolated workstation compromise if proper network segmentation and least privilege principles are implemented.

🌐 Internet-Facing: LOW

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires user interaction (opening malicious file). No public exploit code is known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 21.2.2 or later

Vendor Advisory: https://helpx.adobe.com/security/products/photoshop/apsb20-63.html

Restart Required: Yes

Instructions:

1. Open Adobe Creative Cloud application. 2. Navigate to the 'Apps' section. 3. Find Adobe Photoshop and click 'Update'. 4. Follow the on-screen instructions to complete the update. 5. Restart Photoshop after installation.

🔧 Temporary Workarounds

Restrict file execution from untrusted locations

windows

Configure Windows to prevent execution of files from temporary directories and untrusted network locations.

Use Windows Group Policy to restrict execution from %TEMP% and network shares

🧯 If You Can't Patch

Implement application whitelisting to prevent unauthorized executables from running
Educate users to never open Photoshop files from untrusted sources

🔍 How to Verify

Check if Vulnerable:

Check Photoshop version in Help > About Photoshop. If version is 21.2.1 or earlier, the system is vulnerable.

Check Version:

In Photoshop: Help > About Photoshop

Verify Fix Applied:

Verify Photoshop version is 21.2.2 or later in Help > About Photoshop.

📡 Detection & Monitoring

Log Indicators:

Unusual process creation from Photoshop.exe
Photoshop loading DLLs from unusual locations

Network Indicators:

Photoshop.exe making unexpected network connections

SIEM Query:

Process creation where parent_process_name contains 'photoshop.exe' and process_name not in approved list

📊 Metadata

CVE ID: CVE-2020-24420

CVSS v3 Score: 7.0 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-427

Published: October 21, 2020

Last Updated: November 21, 2024

🔗 References

https://helpx.adobe.com/security/products/photoshop/apsb20-63.html Patch,Vendor Advisory
https://helpx.adobe.com/security/products/photoshop/apsb20-63.html Patch,Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-24420, you might also want to check these: