CVE-2020-9717

7.5 HIGH

📋 TL;DR

This CVE describes an out-of-bounds read vulnerability in Adobe Acrobat and Reader: a crafted PDF can make the rendering code read past the end of a buffer and return memory it should never see. Successful exploitation leads to information disclosure from the Reader process, which can include document contents, credentials or key material held in memory, and the heap addresses an attacker needs to defeat ASLR in a follow-on exploit. The victim has to open the malicious PDF; every default installation of an affected build is vulnerable.

💻 Affected Systems

Products:
  • Adobe Acrobat DC and Acrobat Reader DC (Continuous track)
  • Adobe Acrobat 2020 and Acrobat Reader 2020 (Classic 2020 track)
  • Adobe Acrobat 2017 and Acrobat Reader 2017 (Classic 2017 track)
  • Adobe Acrobat 2015 and Acrobat Reader 2015 (Classic 2015 track)
Versions:
  • Continuous: 2020.009.20074 and earlier
  • Classic 2020: 2020.001.30002 and earlier
  • Classic 2017: 2017.011.30171 and earlier
  • Classic 2015: 2015.006.30523 and earlier
Operating Systems: Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations of affected builds are vulnerable, on both the Continuous and the Classic tracks. Reader DC's Protected Mode sandbox is enabled by default and does not remove the bug; it only limits what a document can do with the leaked memory (see Fix & Mitigation). Compare versions within the same track: a Classic 2020 build (2020.001.xxxxx) sorts below the Continuous threshold numerically but is judged against its own range.

📦 What is this software?

Adobe Acrobat is Adobe's commercial PDF authoring and editing application; Acrobat Reader (Reader DC) is the free viewer built on the same rendering engine, which is why both share this bug. Both are ubiquitous on Windows and macOS desktops and are a routine target for document-based attacks: the attacker only needs the victim to open a file.

⚠️ Risk & Real-World Impact

🔴

Worst Case

An out-of-bounds read leaks process memory, typically heap contents and pointers. On its own this is an information disclosure (document data, credentials or keys that happen to be in memory). Its real value to an attacker is as the first half of a two-bug chain: the leaked addresses defeat ASLR, and a separate memory-corruption bug in the same session then yields code execution and, from there, full compromise of the user's account or host.

🟠

Likely Case

Disclosure of a slice of the Reader process's memory to a malicious document, which can include the content of other open or recently rendered documents, user or session data, and memory-layout information useful for subsequent attacks.

🟢

If Mitigated

Limited impact when untrusted PDFs are opened in Protected View (read-only, sandboxed) or not in Acrobat/Reader at all, when Reader DC's Protected Mode sandbox stays enabled, and when the application cannot reach arbitrary external hosts to send leaked data out. Network segmentation does little here: the bug is in a desktop client, not a service.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ❌ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes (no credentials are needed, but the victim must open the file)
Complexity: MEDIUM

Exploitation requires user interaction: the target has to open a crafted PDF in an affected Acrobat or Reader build, typically delivered as an e-mail attachment or download. No public proof-of-concept was known when this page was written.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: the fixed builds listed in APSB20-48, one per track. Any build later than the affected range on the same track is fixed (later than 2020.009.20074 on Continuous, 2020.001.30002 on Classic 2020, 2017.011.30171 on Classic 2017, 2015.006.30523 on Classic 2015). Take the exact fixed build numbers from the advisory rather than assuming they are the affected version plus one.

Vendor Advisory: https://helpx.adobe.com/security/products/acrobat/apsb20-48.html

Restart Required: Yes

Instructions:

1. Open Adobe Acrobat or Reader.
2. Go to Help > Check for Updates.
3. Follow the prompts to download and install the latest update.
4. Restart the application when prompted.

In managed environments the in-app updater is often disabled by policy; in that case deploy the update package from Adobe through your software-distribution tooling and confirm the installed build afterwards (see How to Verify).

🔧 Temporary Workarounds

Disable JavaScript in Acrobat/Reader

all

Defense in depth only: the advisory does not say this bug needs JavaScript, so disabling it may not block a trigger that lives in the PDF structure itself, but it removes the scripting most PDF exploit chains rely on for heap grooming and exfiltration.

Edit > Preferences > JavaScript > uncheck 'Enable Acrobat JavaScript'

Use Protected View

all

Protected View opens the document read-only in a sandboxed session. The out-of-bounds read still happens inside that sandboxed renderer, so this limits what a malicious document can do with the leaked data rather than preventing the read. Keep Reader DC's Protected Mode (Edit > Preferences > Security (Enhanced) > 'Enable Protected Mode at startup') enabled as well; it is on by default.

Edit > Preferences > Security (Enhanced) > Protected View > 'All files' (or at least 'Files from potentially unsafe locations')

🧯 If You Can't Patch

  • Block or quarantine PDF attachments from external senders at the mail gateway, and treat PDFs from web downloads as untrusted, until the patch is deployed
  • Open untrusted PDFs in a different viewer (for example the browser's built-in one) and restrict Acrobat/Reader to trusted documents
  • Use application control to block execution of the affected Acrobat/Reader binaries by file version, so an unpatched install cannot be launched

🔍 How to Verify

Check if Vulnerable:

Check the installed build via Help > About Adobe Acrobat/Reader and compare it against the affected range for the same track (Continuous, Classic 2020, Classic 2017 or Classic 2015).

Check Version:

On Windows: wmic product where "name like 'Adobe Acrobat%'" get version
(Note: enumerating Win32_Product is slow and triggers an MSI consistency check on every installed product; reading DisplayVersion from the Uninstall registry keys is faster and side-effect free.)
On macOS: Help > About, or CFBundleShortVersionString in the application bundle's Info.plist.

Verify Fix Applied:

The installed build is later than the affected range for its track: later than 2020.009.20074 on Continuous, 2020.001.30002 on Classic 2020, 2017.011.30171 on Classic 2017, or 2015.006.30523 on Classic 2015. Compare within the track: a Classic 2020 build such as 2020.001.3xxxx sorts below the Continuous threshold yet may already be fixed.
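The per-track comparison above is easy to get wrong in a fleet script, so here is an added example (not Adobe tooling and not from the advisory) that parses an installed version string, works out which track it belongs to, and compares it against the affected range for that track only. It also does best-effort discovery of installed builds from the Windows Uninstall registry keys or the macOS app bundles. Assumptions, marked in the code: Classic-track builds carry a 30xxx build number while Continuous builds carry a 2xxxx one; the Windows registry may store the year as two digits ("20.009.20074"); and the macOS bundle paths are the default install locations.

```python
"""Track-aware vulnerability check for CVE-2020-9717 (APSB20-48).

Added example; not Adobe's tooling. Thresholds are the affected versions
quoted on this page. Track detection (30xxx = Classic, 2xxxx = Continuous),
the two-digit registry year and the macOS bundle paths are assumptions.
"""
import platform
from typing import List, Tuple

Version = Tuple[int, int, int]

# Highest affected build on each track, taken from the advisory text above.
AFFECTED_MAX = {
    "Continuous":   (2020, 9, 20074),
    "Classic 2020": (2020, 1, 30002),
    "Classic 2017": (2017, 11, 30171),
    "Classic 2015": (2015, 6, 30523),
}


def parse_version(text: str) -> Version:
    """'2020.009.20074' -> (2020, 9, 20074); '20.009.20074' -> the same."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected Acrobat version string: {text!r}")
    year, minor, build = (int(p) for p in parts)
    if year < 100:          # registry-style two-digit year (assumption)
        year += 2000
    return (year, minor, build)


def track_of(v: Version) -> str:
    """Classify a build into its release track (heuristic, see docstring)."""
    year, _minor, build = v
    if build >= 30000:      # Classic track builds are 30xxx (assumption)
        if year in (2015, 2017, 2020):
            return f"Classic {year}"
        raise ValueError(f"no known Classic track for {v}")
    return "Continuous"


def classify(text: str) -> Tuple[str, bool]:
    """Return (track, is_vulnerable). Comparing only against the Continuous
    threshold would wrongly flag a patched Classic 2020 build (2020.001.3xxxx
    sorts below 2020.009.20074); comparing per track avoids that."""
    v = parse_version(text)
    track = track_of(v)
    return track, v <= AFFECTED_MAX[track]


def installed_versions() -> List[Tuple[str, str]]:
    """Best-effort discovery of installed Acrobat/Reader builds on this host."""
    found: List[Tuple[str, str]] = []
    system = platform.system()
    if system == "Windows":
        import winreg  # Windows-only module
        roots = (r"SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
                 r"SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall")
        for root in roots:
            try:
                hk = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, root)
            except OSError:
                continue
            with hk:
                for i in range(winreg.QueryInfoKey(hk)[0]):
                    try:
                        with winreg.OpenKey(hk, winreg.EnumKey(hk, i)) as sub:
                            name = winreg.QueryValueEx(sub, "DisplayName")[0]
                            ver = winreg.QueryValueEx(sub, "DisplayVersion")[0]
                    except OSError:
                        continue
                    if name.startswith("Adobe Acrobat"):
                        found.append((name, ver))
    elif system == "Darwin":
        import plistlib
        from pathlib import Path
        bundles = (  # default install paths (assumption)
            "/Applications/Adobe Acrobat Reader DC.app",
            "/Applications/Adobe Acrobat DC/Adobe Acrobat.app",
        )
        for b in bundles:
            plist = Path(b) / "Contents" / "Info.plist"
            if plist.is_file():
                with plist.open("rb") as fh:
                    info = plistlib.load(fh)
                found.append((Path(b).stem, info.get("CFBundleShortVersionString", "")))
    return found


if __name__ == "__main__":
    hits = installed_versions()
    if not hits:
        print("no Acrobat/Reader install found (or unsupported platform)")
    for name, ver in hits:
        track, vuln = classify(ver)
        print(f"{name} {ver} [{track}]: {'VULNERABLE' if vuln else 'not in affected range'}")
```

Run it on the endpoint, or feed classify() the version strings your inventory tool already collects. If the track heuristic raises for a build you have (for example a future Classic year), add that year to track_of rather than widening the Continuous range.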

📡 Detection & Monitoring

Log Indicators:

  • Windows Application log, Event ID 1000 (Application Error) with the faulting application AcroRd32.exe or Acrobat.exe (or the macOS crash reports for the same apps). An out-of-bounds read that reaches unmapped memory crashes the renderer, so a cluster of Reader crashes shortly after a PDF arrives is worth triage. A successful read leaks data silently, so no crashes is not evidence of no exploitation.
  • Process-creation telemetry (for example Sysmon Event ID 1) where the parent is AcroRd32.exe or Acrobat.exe and the child is not one of Reader's own helper processes.

Network Indicators:

  • Outbound connections (for example Sysmon Event ID 3) from a Reader process to hosts outside Adobe's update and services domains. Reader talks to Adobe routinely, so baseline those destinations first.
  • PDF attachments or downloads from untrusted sources shortly before either of the above.

SIEM Query (Splunk-style template; field names depend on your log source):

sourcetype=WinEventLog:Application EventCode=1000 (Message="*AcroRd32.exe*" OR Message="*Acrobat.exe*")
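To make the indicators above concrete, here is an added example (not from the page and not vendor tooling) that runs three detection rules over constructed Sysmon-style and Application-log records: a Reader crash, Reader spawning an unexpected child, and Reader connecting somewhere other than Adobe. The sample records are made up, and the allow-lists of Adobe helper processes and domains are assumptions you must tune to your own baseline.

```python
"""Host-telemetry triage for the CVE-2020-9717 indicators listed above.

Added example, not from the page or any vendor. The records below are
constructed; field names follow the Sysmon and Application-log schemas.
The helper-process and domain allow-lists are assumptions to be tuned.
"""
from typing import Dict, List, Tuple

Event = Dict[str, str]
SYSMON = "Microsoft-Windows-Sysmon/Operational"

READER_IMAGES = {"acrord32.exe", "acrobat.exe"}
# Children Reader spawns normally (assumption): its own sandboxed renderer,
# the embedded Chromium helper and the Document Cloud sync agent.
EXPECTED_CHILDREN = {"acrord32.exe", "acrobat.exe", "acrocef.exe", "adobecollabsync.exe"}
EXPECTED_DOMAINS = (".adobe.com", ".adobe.io", ".acrobat.com")  # assumption: tune


def _base(path: str) -> str:
    """Lower-cased file name of a Windows or POSIX path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def reader_crash(e: Event) -> bool:
    """Application log 1000 (Application Error) naming a Reader binary."""
    return (e.get("Channel") == "Application" and e.get("EventID") == "1000"
            and _base(e.get("FaultingApplication", "")) in READER_IMAGES)


def reader_unexpected_child(e: Event) -> bool:
    """Sysmon 1: Reader is the parent of something other than its own helpers."""
    return (e.get("Channel") == SYSMON and e.get("EventID") == "1"
            and _base(e.get("ParentImage", "")) in READER_IMAGES
            and _base(e.get("Image", "")) not in EXPECTED_CHILDREN)


def reader_offsite_connection(e: Event) -> bool:
    """Sysmon 3: Reader connecting outside the expected Adobe domains.
    An empty hostname (connection to a bare IP) also fires."""
    if not (e.get("Channel") == SYSMON and e.get("EventID") == "3"
            and _base(e.get("Image", "")) in READER_IMAGES):
        return False
    return not e.get("DestinationHostname", "").lower().endswith(EXPECTED_DOMAINS)


RULES = {
    "reader_crash": reader_crash,
    "reader_child_process": reader_unexpected_child,
    "reader_offsite_connection": reader_offsite_connection,
}


def triage(events: List[Event]) -> List[Tuple[str, str]]:
    """Return (rule, RecordId) pairs for every event that trips a rule."""
    hits: List[Tuple[str, str]] = []
    for e in events:
        for name, rule in RULES.items():
            if rule(e):
                hits.append((name, e["RecordId"]))
    return hits


READER = r"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"
# Constructed sample records (not real telemetry).
SAMPLE_EVENTS: List[Event] = [
    {"RecordId": "1", "Channel": SYSMON, "EventID": "3", "Image": READER,
     "DestinationHostname": "armmf.adobe.com", "DestinationIp": "192.0.2.10"},
    {"RecordId": "2", "Channel": SYSMON, "EventID": "3", "Image": READER,
     "DestinationHostname": "", "DestinationIp": "198.51.100.77"},
    {"RecordId": "3", "Channel": SYSMON, "EventID": "1", "ParentImage": READER,
     "Image": r"C:\Windows\System32\cmd.exe"},
    {"RecordId": "4", "Channel": SYSMON, "EventID": "1", "ParentImage": READER,
     "Image": READER},  # broker launching its sandboxed renderer: normal
    {"RecordId": "5", "Channel": "Application", "EventID": "1000",
     "FaultingApplication": "AcroRd32.exe"},
    {"RecordId": "6", "Channel": SYSMON, "EventID": "3",
     "Image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "DestinationHostname": "", "DestinationIp": "198.51.100.77"},
]

if __name__ == "__main__":
    for rule, rid in triage(SAMPLE_EVENTS):
        print(f"{rule}: record {rid}")
```

Records 2, 3 and 5 fire; record 4 (Reader's broker starting its own sandboxed renderer) and record 1 (an update check to Adobe) do not. None of these rules proves exploitation of this CVE; they surface the post-exploitation behaviour a two-bug PDF chain would need, which is the part you can actually observe.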

🔗 References

  • Adobe Security Bulletin APSB20-48: https://helpx.adobe.com/security/products/acrobat/apsb20-48.html