CVE-2024-34137
📋 TL;DR
Adobe Illustrator versions 28.5, 27.9.4 and earlier contain a NULL pointer dereference vulnerability that allows attackers to crash the application by tricking users into opening malicious files. This creates a denial-of-service condition where Illustrator becomes unusable. All users running affected Illustrator versions are vulnerable.
💻 Affected Systems
- Adobe Illustrator
⚠️ Risk & Real-World Impact
Worst Case
Complete application crash requiring restart, potential loss of unsaved work, and disruption to creative workflows.
Likely Case
Temporary denial-of-service where Illustrator crashes when opening a malicious file, requiring restart and potentially causing minor workflow disruption.
If Mitigated
No impact if users avoid opening untrusted files or have patched to fixed versions.
🎯 Exploit Status
Exploitation requires a user to open a malicious file. No authentication or privileges are needed; the only prerequisite is convincing the user to open the file.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Illustrator 28.6 and later, Illustrator 27.9.5 and later
Vendor Advisory: https://helpx.adobe.com/security/products/illustrator/apsb24-45.html
Restart Required: Yes
Instructions:
1. Open the Adobe Creative Cloud application.
2. Navigate to the 'Apps' tab.
3. Find Adobe Illustrator.
4. Click the 'Update' button.
5. Wait for the download and installation to complete.
6. Restart Illustrator.
🔧 Temporary Workarounds
Restrict file opening
Configure Illustrator to open only files from trusted sources, or use application whitelisting to control which files reach it.
Sandbox execution
Run Illustrator in a sandboxed environment to limit the impact of a crash.
🧯 If You Can't Patch
- Implement strict file handling policies: only open files from trusted sources
- Use application control solutions to restrict Illustrator to opening only approved file types from approved locations
🔍 How to Verify
Check if Vulnerable:
Check the Illustrator version via Help > About Illustrator. On the 28.x branch, 28.5 or earlier is vulnerable; on the 27.x branch, 27.9.4 or earlier is vulnerable.
Check Version:
Illustrator: Help > About Illustrator.
Windows: wmic product where name='Adobe Illustrator' get version
macOS: read the version from /Applications/Adobe\ Illustrator*/Adobe\ Illustrator.app/Contents/Info.plist
Verify Fix Applied:
After updating, verify version is 28.6 or later, or 27.9.5 or later in Help > About Illustrator.
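The version check above is easy to get wrong when two release branches have different fixed versions (28.6 and 27.9.5). The script below is an added example, not part of this advisory or of Adobe's tooling: it parses a version string from either the About dialog, the wmic output, or a macOS Info.plist (reading the standard CFBundleShortVersionString key), and classifies it against the fixed versions named here. The Info.plist content is a constructed sample; treating anything newer than 28.x as post-fix is an assumption beyond what the advisory states.

```python
"""Classify an installed Adobe Illustrator version against CVE-2024-34137.

Added example, not part of the advisory. Fixed versions come from the
advisory text: 28.6 and later on the 28.x branch, 27.9.5 and later on 27.x.
"""
import plistlib
import re

# Fixed release per affected branch, as (major, minor, patch).
FIXED_BY_BRANCH = {28: (28, 6, 0), 27: (27, 9, 5)}

# Constructed sample of the bundle metadata found in Info.plist (not a real
# file from an Illustrator install; the version value is illustrative).
SAMPLE_INFO_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>CFBundleIdentifier</key><string>com.adobe.illustrator</string>
  <key>CFBundleShortVersionString</key><string>28.5.0</string>
</dict>
</plist>"""


def parse_version(text):
    """Return (major, minor, patch) from strings like '28.5', '27.9.4'
    or '28.5.0.123'; missing components default to 0."""
    m = re.match(r"\s*(\d+)(?:\.(\d+))?(?:\.(\d+))?", text)
    if not m:
        raise ValueError("unrecognised version string: %r" % text)
    return tuple(int(p or 0) for p in m.groups())


def is_vulnerable(version_text):
    """True when the version is below the fixed release for its branch."""
    version = parse_version(version_text)
    major = version[0]
    if major in FIXED_BY_BRANCH:
        return version < FIXED_BY_BRANCH[major]
    # Branches older than 27 predate both fixed releases ("and earlier" in
    # the advisory). Treating branches newer than 28 as fixed is an
    # assumption: the advisory only names 28.x and 27.x.
    return major < 27


def version_from_info_plist(plist_bytes):
    """Extract the bundle version from Info.plist data (macOS check)."""
    info = plistlib.loads(plist_bytes)
    return info["CFBundleShortVersionString"]


def version_from_wmic_output(output):
    """Extract the version from the two-line output of the advisory's
    'wmic product ... get version' command (a 'Version' header, then the value)."""
    lines = [ln.strip() for ln in output.splitlines() if ln.strip()]
    if len(lines) < 2 or lines[0].lower() != "version":
        raise ValueError("unexpected wmic output")
    return lines[1]


def classify(version_text):
    """Human-readable verdict for a version string, for use in reports."""
    status = "VULNERABLE" if is_vulnerable(version_text) else "fixed"
    return "Illustrator %s: %s (CVE-2024-34137)" % (version_text, status)


if __name__ == "__main__":
    print(classify(version_from_info_plist(SAMPLE_INFO_PLIST)))
    print(classify(version_from_wmic_output("Version\n27.9.5\n")))
    for v in ("28.6", "27.9.4", "26.0"):
        print(classify(v))
```

Run it on the real Info.plist by passing the file's bytes to version_from_info_plist, or pipe the wmic output into version_from_wmic_output; the branch-aware comparison is the part worth keeping, since a plain string or float comparison would misclassify 27.9.5 as older than 28.5.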
📡 Detection & Monitoring
Log Indicators:
- Application crash logs from Illustrator
- Unexpected termination events in system logs
- Error logs showing NULL pointer exceptions
Network Indicators:
- File downloads followed by Illustrator crashes
- Email attachments being opened then Illustrator termination
SIEM Query:
source='*illustrator*' AND (event_type='crash' OR event_type='termination' OR message='*NULL*' OR message='*dereference*')