CVE-2024-45107

5.5 MEDIUM

📋 TL;DR

CVE-2024-45107 is a use-after-free vulnerability in Adobe Acrobat Reader (the same bulletin, APSB24-57, covers the Acrobat desktop products in the same release tracks) that a crafted PDF can trigger to disclose contents of the Reader process's memory. On its own the bug gives an attacker a memory read, not code execution; its value is that leaked addresses defeat ASLR and so unlock a second memory-corruption bug. The 5.5 (Medium) score reflects a local, user-interaction-required, confidentiality-only impact (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N): the victim has to open the malicious file with an affected version.

💻 Affected Systems

Products:
  • Adobe Acrobat Reader DC (Continuous track)
  • Adobe Acrobat Reader 2024 and 2020 (Classic tracks)
Versions (each ceiling is inclusive, "and earlier" applies within the track):
  • Acrobat DC Continuous: 24.002.20991 and earlier (24.002.20964 is the macOS build of the same release)
  • Acrobat 2024 Classic: 24.001.30123 and earlier
  • Acrobat 2020 Classic: 20.005.30636 and earlier
Operating Systems: Windows, macOS
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations of affected versions are vulnerable; the bug is in PDF parsing, not in an optional feature. Requires the user to open a malicious PDF file.

📦 What is this software?

Adobe Acrobat Reader is Adobe's free desktop PDF viewer for Windows and macOS (the paid Acrobat products add editing on the same code base). It is present on most corporate endpoints and parses attacker-supplied PDF files in-process, which is why file-format bugs in it are a common phishing payload.

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker could bypass ASLR and potentially chain this with other vulnerabilities to achieve arbitrary code execution, leading to full system compromise.

🟠

Likely Case

Memory disclosure from the Reader process. Leaked pointers reveal module and heap base addresses, so the realistic use of this bug is as the info-leak half of an exploit chain, paired with a separate memory-corruption vulnerability to gain code execution.

🟢

If Mitigated

With Protected Mode/Protected View on and no second bug to chain with, the impact is limited to disclosure of memory inside the sandboxed Reader process, without code execution.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No (none known at time of writing)
Weaponized: UNKNOWN
Unauthenticated Exploit: no credentials are needed, but the victim must open the crafted PDF (local attack vector, user interaction required)
Complexity: MEDIUM

Exploitation requires user interaction (opening a malicious file), and the bug by itself yields a memory read rather than code execution; a full compromise needs it chained with a second, separate vulnerability. No public exploit code is currently available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Update to the build listed in APSB24-57 for your release track (Acrobat DC Continuous, Acrobat 2024, Acrobat 2020); any build that compares above the affected ceiling for that track contains the fix.

Vendor Advisory: https://helpx.adobe.com/security/products/acrobat/apsb24-57.html

Restart Required: Yes

Instructions:

1. Open Adobe Acrobat Reader.
2. Go to Help > Check for Updates.
3. Follow the prompts to install the available update.
4. Restart the application (the patched binaries are only loaded after a restart).
5. Confirm the new version under Help > About Adobe Acrobat Reader.

In managed environments, push the APSB24-57 build through your normal Acrobat update channel rather than relying on users to run Check for Updates.

🔧 Temporary Workarounds

Disable JavaScript in PDFs

Platform: all

Removes the scripting primitive that PDF exploit chains usually rely on to shape the heap and to read back leaked memory. Adobe's bulletin does not state that this bug needs JavaScript, so treat this as attack-surface reduction, not a fix.

In Adobe Reader: Edit > Preferences > JavaScript > uncheck 'Enable Acrobat JavaScript'

Use Protected View

Platform: all

Opens untrusted PDFs in the sandboxed Protected View, which limits what a compromised Reader process can reach. A memory read inside the sandbox is still possible, but turning it into full compromise then also requires a sandbox escape.

In Adobe Reader: Edit > Preferences > Security (Enhanced) > Protected View > 'All files' (or at least 'Files from potentially unsafe locations'); leave 'Enable Protected Mode at startup' checked.

🧯 If You Can't Patch

  • Treat PDFs from external mail and downloads as untrusted; open them in Protected View or a browser's PDF viewer rather than an unpatched Reader
  • Use application control so that only the managed, updated Reader/Acrobat build handles PDFs; stray or portable copies of older versions are missed by the update process
  • Keep Protected Mode on (the default) and do not add download or temp folders to Privileged Locations, which bypass Enhanced Security

🔍 How to Verify

Check if Vulnerable:

Compare the installed version, per release track, against the affected ceiling above: 24.002.20991 (Continuous), 24.001.30123 (Acrobat 2024) or 20.005.30636 (Acrobat 2020), inclusive.

Check Version:

In Adobe Reader: Help > About Adobe Acrobat Reader. The dialog shows the year-style number (e.g. 2024.002.xxxxx), which corresponds to 24.002.xxxxx in the bulletin.

Verify Fix Applied:

Verify the version compares above the affected ceiling for its track (e.g. 24.003.x for Continuous, or a higher 24.001.x / 20.005.x build for the Classic tracks).
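The version comparison is easy to get wrong by hand because the Classic and Continuous tracks overlap numerically (24.001.30xxx is Acrobat 2024, while 24.001.2xxxx and 24.002.x are Continuous). The script below is an added example for this page, not Adobe tooling; the track heuristic (Classic 2024 builds are 24.001.30xxx, major 20 is Acrobat 2020, everything else Continuous) is an assumption made here. How you obtain the installed version string (Help > About, registry, MDM inventory) is outside the block.

```python
"""Compare an Acrobat/Reader version string against the APSB24-57 affected ceilings.

Added example for this advisory page, not Adobe's code. The ceilings are the
"and earlier" versions from the affected-systems list above.
"""
from typing import Tuple

Version = Tuple[int, int, int]

# Highest affected build per release track (inclusive). 24.002.20991 is the
# Windows build of the Continuous release; its macOS build 24.002.20964 compares
# lower and is therefore covered by the same ceiling.
CEILINGS = {
    "Acrobat DC (Continuous)": (24, 2, 20991),
    "Acrobat 2024 (Classic)": (24, 1, 30123),
    "Acrobat 2020 (Classic)": (20, 5, 30636),
}


def parse_version(text: str) -> Version:
    """Parse '24.002.20991', the About-dialog form '2024.002.20991', or a
    four-part file version '24.2.20991.0' into (24, 2, 20991)."""
    parts = text.strip().lstrip("vV").split(".")
    if len(parts) not in (3, 4) or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Acrobat version string: {text!r}")
    major, minor, build = (int(p) for p in parts[:3])
    if major >= 2000:          # About dialog shows the year-style major, e.g. 2024
        major -= 2000
    return (major, minor, build)


def track_of(v: Version) -> str:
    """Map a version to its release track.

    Assumption (not from the bulletin): Classic 2024 builds are numbered
    24.001.30xxx and Acrobat 2020 builds have major 20. Everything else is
    treated as Continuous, which also covers older 23.x and 24.001.2xxxx builds
    (all "earlier" than the ceiling and therefore vulnerable).
    """
    major, minor, build = v
    if major == 20:
        return "Acrobat 2020 (Classic)"
    if major == 24 and minor == 1 and build >= 30000:
        return "Acrobat 2024 (Classic)"
    return "Acrobat DC (Continuous)"


def is_vulnerable(text: str) -> Tuple[bool, str]:
    """Return (vulnerable, track). Tuples compare component-wise, so 24.003.x
    is above 24.002.20991 even though 20054 < 20991 in the last component."""
    v = parse_version(text)
    track = track_of(v)
    return v <= CEILINGS[track], track


if __name__ == "__main__":
    # Sample strings: some at the ceilings, some that compare above them
    # (look up the real patched build numbers in APSB24-57).
    for sample in ("2024.002.20991", "24.002.20964", "24.003.20054",
                   "24.001.30123", "24.001.30159", "20.005.30636", "20.005.30655"):
        vuln, track = is_vulnerable(sample)
        print(f"{sample:>15}  {track:<24} {'VULNERABLE' if vuln else 'above ceiling'}")
```

Feed it the strings from your inventory tool; anything reported as VULNERABLE needs the APSB24-57 update for its track.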

📡 Detection & Monitoring

Log Indicators:

  • Windows Application log Event ID 1000 (Application Error) or 1001 (Windows Error Reporting) with faulting application AcroRd32.exe or Acrobat.exe, especially with exception code 0xc0000005 (access violation), shortly after a PDF arrived by mail or download
  • A burst of such crashes on one host: an attacker tuning the heap layout for a use-after-free typically crashes the reader more than once before the exploit lands
  • macOS: Reader crash reports under ~/Library/Logs/DiagnosticReports

Network Indicators:

  • PDF downloads from untrusted or newly seen domains, and external-sender PDF attachments opened immediately before a Reader crash

SIEM Query (Splunk-style, illustrative; adjust sourcetype and field names to your Windows event ingest):

sourcetype="WinEventLog:Application" EventCode=1000 (Message="*AcroRd32.exe*" OR Message="*Acrobat.exe*")
| stats count min(_time) as first max(_time) as last by host
| where count >= 3
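The same crash-burst logic as the query above, run over Windows Application Event Log records, as an added example for this page (not from the advisory or any SIEM vendor). The records are constructed here to mimic Event ID 1000 message bodies; in use they would come from Windows Event Forwarding or a SIEM export, and the threshold and window are tuning knobs, not values the advisory prescribes.

```python
"""Find Acrobat/Reader crash bursts in Windows Application Event Log records.

Added example for this advisory page. SAMPLE_EVENTS is constructed telemetry,
not real events.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Optional

# Process names of Acrobat Reader and Acrobat, matched case-insensitively.
ACROBAT_PROCESSES = {"acrord32.exe", "acrobat.exe"}

# Field layout of an Event ID 1000 ("Application Error") message body.
_APP = re.compile(r"Faulting application name: (?P<app>[^,]+), version: (?P<ver>[^,\s]+)")
_EXC = re.compile(r"Exception code: (?P<code>0x[0-9A-Fa-f]+)")


def _msg(app: str, ver: str, code: str) -> str:
    """Build a constructed Event 1000 body in the usual field order."""
    return (f"Faulting application name: {app}, version: {ver}, time stamp: 0x66b0c3e1\n"
            f"Faulting module name: {app}, version: {ver}, time stamp: 0x66b0c3e1\n"
            f"Exception code: {code}\nFault offset: 0x0012abcd\n"
            f"Faulting application path: C:\\Program Files\\Adobe\\Acrobat Reader DC\\Reader\\{app}")


# Constructed sample records: three Reader crashes on one host inside 40 minutes,
# an unrelated notepad crash, one Acrobat crash elsewhere, and a WER 1001 event.
SAMPLE_EVENTS = [
    {"host": "WS-0142", "time": "2024-09-10T09:02:11", "event_id": 1000,
     "message": _msg("AcroRd32.exe", "24.2.20964.0", "0xc0000005")},
    {"host": "WS-0142", "time": "2024-09-10T09:15:40", "event_id": 1000,
     "message": _msg("AcroRd32.exe", "24.2.20964.0", "0xc0000005")},
    {"host": "WS-0142", "time": "2024-09-10T09:31:05", "event_id": 1000,
     "message": _msg("notepad.exe", "10.0.19041.1", "0xc0000005")},
    {"host": "WS-0142", "time": "2024-09-10T09:40:59", "event_id": 1000,
     "message": _msg("AcroRd32.exe", "24.2.20964.0", "0xc0000005")},
    {"host": "WS-0077", "time": "2024-09-10T11:30:02", "event_id": 1000,
     "message": _msg("Acrobat.exe", "24.2.20991.0", "0xc0000409")},
    {"host": "WS-0077", "time": "2024-09-10T11:30:03", "event_id": 1001,
     "message": "Fault bucket 1234, type 4 ..."},
]


def parse_crash(record: Dict) -> Optional[Dict]:
    """Normalise an Acrobat/Reader Application Error record; None for anything else."""
    if record.get("event_id") != 1000:
        return None
    message = record.get("message", "")
    m = _APP.search(message)
    if not m or m.group("app").strip().lower() not in ACROBAT_PROCESSES:
        return None
    exc = _EXC.search(message)
    return {
        "host": record["host"],
        "time": datetime.fromisoformat(record["time"]),
        "app": m.group("app").strip(),
        "app_version": m.group("ver"),
        "exception": exc.group("code").lower() if exc else None,
    }


def reader_crashes(records: List[Dict]) -> List[Dict]:
    """All Acrobat/Reader crashes in the feed, in input order."""
    return [c for c in (parse_crash(r) for r in records) if c is not None]


def crash_bursts(crashes: List[Dict], threshold: int = 3,
                 window: timedelta = timedelta(hours=1)) -> List[str]:
    """Hosts with at least `threshold` Reader crashes inside any `window`-long span."""
    by_host: Dict[str, List[datetime]] = defaultdict(list)
    for c in crashes:
        by_host[c["host"]].append(c["time"])
    flagged = []
    for host, times in by_host.items():
        times.sort()
        start = 0
        for end, t in enumerate(times):
            while t - times[start] > window:    # slide the window's left edge forward
                start += 1
            if end - start + 1 >= threshold:
                flagged.append(host)
                break
    return sorted(flagged)


def access_violations(crashes: List[Dict]) -> List[Dict]:
    """Crashes with exception 0xc0000005 (access violation), the usual signature
    of a memory-corruption fault such as a use-after-free."""
    return [c for c in crashes if c["exception"] == "0xc0000005"]


if __name__ == "__main__":
    found = reader_crashes(SAMPLE_EVENTS)
    print(f"{len(found)} Reader/Acrobat crashes, {len(access_violations(found))} access violations")
    print("burst hosts:", crash_bursts(found))
```

A single crash is noise; correlate burst hosts with mail-gateway or proxy logs for a PDF delivered to that user just before the first crash, and pull the crashing PDF from the user's download or temp folder for analysis.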

🔗 References

  • Adobe Security Bulletin APSB24-57: https://helpx.adobe.com/security/products/acrobat/apsb24-57.html
  • NVD entry for CVE-2024-45107: https://nvd.nist.gov/vuln/detail/CVE-2024-45107
