CVE-2022-23205

7.8 HIGH

📋 TL;DR

This CVE describes an out-of-bounds write vulnerability in Adobe Photoshop that could allow attackers to execute arbitrary code when a user opens a malicious file. All users running affected versions of Photoshop are at risk, with exploitation requiring user interaction to open a crafted file.

💻 Affected Systems

Products:
  • Adobe Photoshop
Versions: 22.5.6 and earlier, 23.2.2 and earlier
Operating Systems: Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations of affected versions are vulnerable. No special configuration required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with attacker gaining full control of the victim's computer in the context of the current user, potentially leading to data theft, ransomware deployment, or lateral movement.

🟠 Likely Case

Malware installation or data exfiltration through crafted Photoshop files, particularly in targeted attacks against designers or creative professionals.

🟢 If Mitigated

Limited impact if users only open trusted files from verified sources and have proper endpoint protection.

🌐 Internet-Facing: LOW
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction to open a malicious file. No public exploit code is known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Photoshop 22.5.7 and 23.3

Vendor Advisory: https://helpx.adobe.com/security/products/photoshop/apsb22-20.html

Restart Required: Yes

Instructions:

1. Open Adobe Creative Cloud application.
2. Navigate to the 'Apps' section.
3. Find Photoshop and click 'Update'.
4. Restart Photoshop after update completes.

🔧 Temporary Workarounds

Restrict Photoshop file types

all

Configure system to only allow Photoshop to open files from trusted locations or block specific file extensions.

User awareness training

all

Train users to only open Photoshop files from trusted sources and verify file integrity before opening.

🧯 If You Can't Patch

  • Implement application whitelisting to restrict execution of unauthorized Photoshop files
  • Deploy endpoint detection and response (EDR) solutions to monitor for suspicious Photoshop process behavior

🔍 How to Verify

Check if Vulnerable:

Check Photoshop version via Help > About Photoshop in the application menu

Check Version:

Photoshop: Help > About Photoshop (GUI only)

Verify Fix Applied:

Verify Photoshop version is 22.5.7 or higher (for version 22) or 23.3 or higher (for version 23)
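
The version check above, applied to a software inventory instead of one GUI at a time. This is an added example, not vendor or advisory code; the inventory format, host names and status labels are assumptions, and versions are compared numerically per branch so that 23.10 is not mistaken for being older than 23.3.

```python
import re

# Fixed builds per branch, taken from the "Patch Version" line on this page.
FIXED = {22: (22, 5, 7), 23: (23, 3, 0)}

def parse_version(text):
    """Return (major, minor, patch) from a string such as '23.2.2' or
    'Photoshop 22.5.6', or None when no version number is present."""
    m = re.search(r"(?<![\d.])(\d+)\.(\d+)(?:\.(\d+))?", text or "")
    if not m:
        return None
    return tuple(int(g) if g else 0 for g in m.groups())

def classify(text):
    """Map a reported version string to a status label (labels are assumptions)."""
    v = parse_version(text)
    if v is None:
        return "unparsed"        # needs a manual check via Help > About Photoshop
    major = v[0]
    if major < 22:
        return "vulnerable"      # this page lists "22.5.6 and earlier"
    if major in FIXED:
        return "fixed" if v >= FIXED[major] else "vulnerable"
    return "not-listed"          # branches newer than 23 are not covered here

def audit(inventory):
    """Group hosts by status; inventory maps host name -> reported version string."""
    report = {}
    for host, reported in sorted(inventory.items()):
        report.setdefault(classify(reported), []).append(host)
    return report

# Constructed sample inventory (host names and values are made up).
SAMPLE = {
    "design-01": "22.5.6",
    "design-02": "22.5.7",
    "design-03": "Photoshop 23.2.2",
    "design-04": "23.3",
    "design-05": "21.2.4",
    "design-06": "",
}

if __name__ == "__main__":
    for status, hosts in audit(SAMPLE).items():
        print(f"{status}: {', '.join(hosts)}")
```

Hosts reported as "unparsed" or "not-listed" are the ones to confirm by hand.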

📡 Detection & Monitoring

Log Indicators:

  • Unusual Photoshop process spawning child processes
  • Photoshop accessing unexpected network resources
  • Multiple Photoshop crash reports

Network Indicators:

  • Photoshop.exe making unexpected outbound connections
  • Unusual DNS queries from Photoshop process

SIEM Query:

process_name:photoshop.exe AND (child_process_count > 3 OR network_connection_count > 5)
