CVE-2023-25908
📋 TL;DR
Adobe Photoshop versions 23.5.3 and earlier, and 24.1.1 and earlier, contain a use-after-free vulnerability that could allow arbitrary code execution when a user opens a malicious file. This affects all users running vulnerable versions of Photoshop on any operating system. Successful exploitation requires user interaction to open a crafted file.
💻 Affected Systems
- Adobe Photoshop
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise with attacker gaining the same privileges as the current user, potentially leading to data theft, ransomware deployment, or lateral movement.
Likely Case
Local privilege escalation or malware installation on the affected workstation when a user opens a malicious Photoshop file.
If Mitigated
No impact if users avoid opening untrusted Photoshop files and the application is properly patched.
🎯 Exploit Status
Exploitation requires user interaction to open a malicious file. No public exploit code has been reported as of the advisory date.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Photoshop 23.5.4 and 24.2
Vendor Advisory: https://helpx.adobe.com/security/products/photoshop/apsb23-23.html
Restart Required: Yes
Instructions:
1. Open the Adobe Creative Cloud application.
2. Navigate to the 'Apps' tab.
3. Find Photoshop and click 'Update'.
4. Alternatively, download the latest version from the Adobe website.
5. Restart Photoshop after the update completes.
🔧 Temporary Workarounds
Restrict Photoshop file execution
Configure application control policies to restrict execution of Photoshop files from untrusted sources.
User awareness training
Train users to avoid opening Photoshop files from unknown or untrusted sources.
🧯 If You Can't Patch
- Implement application whitelisting to prevent execution of malicious Photoshop files
- Use network segmentation to isolate Photoshop workstations from critical systems
🔍 How to Verify
Check if Vulnerable:
Check Photoshop version via Help > About Photoshop in the application menu.
Check Version:
On Windows: Check Photoshop.exe properties > Details tab. On macOS: Right-click Photoshop.app > Get Info.
Verify Fix Applied:
Verify version is 23.5.4 or higher for version 23.x, or 24.2 or higher for version 24.x.
📡 Detection & Monitoring
Log Indicators:
- Unexpected Photoshop crashes
- Process creation from Photoshop with unusual command lines
Network Indicators:
- Unusual outbound connections from Photoshop process
SIEM Query:
Process creation where parent_process_name contains 'photoshop' and command_line contains unusual patterns
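A hunting rule in the spirit of the SIEM query above, run over constructed Sysmon-style process-creation events. This is an added example, not part of the advisory; the set of unexpected child images and the command-line patterns are an assumed heuristic for "unusual", not something the advisory specifies.

```python
import re

# Constructed sample events (not from a real host) in a generic EDR/Sysmon shape.
SAMPLE_EVENTS = [
    {"parent_image": r"C:\Program Files\Adobe\Adobe Photoshop 2023\Photoshop.exe",
     "image": r"C:\Windows\System32\cmd.exe",
     "command_line": "cmd.exe /c powershell -enc QQBCAEMA"},
    {"parent_image": r"C:\Program Files\Adobe\Adobe Photoshop 2023\Photoshop.exe",
     "image": r"C:\Program Files\Adobe\Adobe Photoshop 2023\helper.exe",  # constructed benign helper
     "command_line": '"helper.exe"'},
    {"parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\cmd.exe",
     "command_line": "cmd.exe /c dir"},
    {"parent_image": r"C:\Program Files\Adobe\Adobe Photoshop 2023\Photoshop.exe",
     "image": r"C:\Windows\System32\rundll32.exe",
     "command_line": "rundll32.exe C:\\Users\\Public\\x.dll,Start"},
]

# Assumed heuristic: child images an image editor has no routine reason to launch,
# plus command-line fragments that suggest encoded or user-writable-path payloads.
SUSPICIOUS_CHILDREN = {"cmd.exe", "powershell.exe", "wscript.exe", "cscript.exe",
                       "mshta.exe", "rundll32.exe", "regsvr32.exe", "certutil.exe"}
SUSPICIOUS_CMDLINE = re.compile(
    r"(-enc(odedcommand)?\s|\bdownloadstring\b|\biex\b|\\users\\public\\|\\temp\\)",
    re.IGNORECASE)

def basename(path):
    """Lower-cased file name from a Windows or POSIX path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def classify(event):
    """Return the reasons a Photoshop child process is suspicious; empty if benign."""
    if "photoshop" not in basename(event.get("parent_image", "")):
        return []  # only children of Photoshop are in scope
    reasons = []
    child = basename(event.get("image", ""))
    if child in SUSPICIOUS_CHILDREN:
        reasons.append(f"unexpected child process {child}")
    if SUSPICIOUS_CMDLINE.search(event.get("command_line", "")):
        reasons.append("suspicious command-line pattern")
    return reasons

def hunt(events):
    """Return (event, reasons) pairs for every event that needs triage."""
    return [(ev, classify(ev)) for ev in events if classify(ev)]

if __name__ == "__main__":
    for ev, reasons in hunt(SAMPLE_EVENTS):
        print(basename(ev["image"]), "->", "; ".join(reasons))
```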