CVE-2024-34129

7.5 HIGH

📋 TL;DR

This path traversal vulnerability in Adobe Acrobat Mobile Sign for Android allows attackers to bypass directory restrictions and access or overwrite files outside intended boundaries. It affects Android users running Acrobat Mobile Sign version 24.4.2.33155 or earlier. No user interaction is required for exploitation, though attack complexity is high.

💻 Affected Systems

Products:
  • Adobe Acrobat Mobile Sign
Versions: 24.4.2.33155 and earlier
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Only the Android version of the Acrobat Mobile Sign app is affected; the iOS version is not.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the application's sandbox, allowing attackers to overwrite critical system files, steal sensitive user data, or install malicious payloads.

🟠 Likely Case

Unauthorized access to application data, configuration files, or user documents stored within the app's directory structure.

🟢 If Mitigated

Limited impact due to Android sandboxing and permission restrictions, potentially only affecting app-specific files.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: HIGH

No user interaction required but attack complexity is rated high by Adobe. No known public exploits at time of advisory.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to a version newer than 24.4.2.33155

Vendor Advisory: https://helpx.adobe.com/security/products/acrobat-android/apsb24-50.html

Restart Required: Yes

Instructions:

1. Open Google Play Store
2. Search for 'Adobe Acrobat Mobile Sign'
3. Tap 'Update' if available
4. Alternatively, uninstall and reinstall latest version
5. Restart device after update

🔧 Temporary Workarounds

Disable or Remove App

Temporarily disable or uninstall Acrobat Mobile Sign until patched

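# Option 1: disable the app for the primary user (user 0) without removing it
adb shell pm disable-user --user 0 com.adobe.acrobat.mobilesign
# Option 2: uninstall the app
adb uninstall com.adobe.acrobat.mobilesign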

🧯 If You Can't Patch

  • Restrict app permissions to minimum required
  • Monitor for unusual file access patterns within app directory

🔍 How to Verify

Check if Vulnerable:

Check app version in Settings > Apps > Adobe Acrobat Mobile Sign > App info

Check Version:

adb shell dumpsys package com.adobe.acrobat.mobilesign | grep versionName

Verify Fix Applied:

Verify version is newer than 24.4.2.33155 in app settings
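
The version check above can be scripted. This is an added example, not code from Adobe or the advisory: it parses `dumpsys package` output and compares the version field by field against 24.4.2.33155. The function names and the sample dumpsys text are constructed for illustration.

```shell
#!/bin/sh
# Added example (not Adobe's tooling): classify an install by its versionName.
PKG="com.adobe.acrobat.mobilesign"   # package name as used in the commands on this page
LAST_AFFECTED="24.4.2.33155"         # last affected version per this page

# Read `dumpsys package` output on stdin and print the first numeric versionName.
extract_version() {
    sed -n 's/^[[:space:]]*versionName=\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Succeed if dotted version $1 <= $2; fields compare numerically, missing fields as 0.
version_le() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        x=${x:-0}; y=${y:-0}
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 0   # all fields equal
}

# Print "affected", "updated" or "unknown" for a version string.
classify() {
    if [ -z "$1" ]; then echo unknown
    elif version_le "$1" "$LAST_AFFECTED"; then echo affected
    else echo updated
    fi
}

# Query one connected device by adb serial (needs adb; not run by default).
check_device() {
    classify "$(adb -s "$1" shell dumpsys package "$PKG" | extract_version)"
}

# Constructed sample of dumpsys output so the script runs without a device.
SAMPLE_DUMPSYS='Packages:
  Package [com.adobe.acrobat.mobilesign] (constructed):
    versionCode=1 minSdk=1 targetSdk=1
    versionName=24.4.2.33155
'
echo "sample install: $(classify "$(printf '%s' "$SAMPLE_DUMPSYS" | extract_version)")"
```

A plain string or `sort` comparison would misorder versions such as 24.10.x and 24.4.x, which is why each field is compared as a number.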

📡 Detection & Monitoring

Log Indicators:

  • Unusual file access patterns in app logs
  • Attempts to access paths with '../' sequences

Network Indicators:

  • Unusual outbound connections from app to unexpected destinations

SIEM Query:

source="android_app_logs" app="AcrobatMobileSign" (path="*../*" OR file_access="*../*")
