CVE-2024-45108
📋 TL;DR
This CVE describes an out-of-bounds write vulnerability in Adobe Photoshop that could allow an attacker to execute arbitrary code on a victim's system. The vulnerability affects Photoshop Desktop users who open malicious files. Successful exploitation requires user interaction but could lead to full system compromise.
💻 Affected Systems
- Adobe Photoshop Desktop
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise with attacker gaining the same privileges as the current user, potentially leading to data theft, ransomware deployment, or persistent backdoor installation.
Likely Case
Local privilege escalation leading to unauthorized access to sensitive files, system configuration changes, or installation of additional malware.
If Mitigated
Limited impact with proper application sandboxing and user privilege restrictions, potentially containing the exploit to the Photoshop process only.
🎯 Exploit Status
Exploitation requires user interaction (opening malicious file). No public exploit code available at this time.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Update to Photoshop 24.7.5 or 25.12 or later
Vendor Advisory: https://helpx.adobe.com/security/products/photoshop/apsb24-72.html
Restart Required: Yes
Instructions:
1. Open Adobe Creative Cloud application. 2. Navigate to 'Apps' section. 3. Find Photoshop and click 'Update'. 4. Wait for download and installation to complete. 5. Restart Photoshop.
🔧 Temporary Workarounds
Restrict Photoshop file handling
allConfigure system to open Photoshop files with alternative applications or restrict Photoshop from opening files from untrusted sources.
Application sandboxing
allRun Photoshop in a sandboxed environment to limit potential damage from exploitation.
🧯 If You Can't Patch
- Restrict user privileges to standard user accounts (not administrator)
- Implement application whitelisting to prevent execution of unauthorized code
🔍 How to Verify
Check if Vulnerable:
Check Photoshop version via Help > About Photoshop in the application menu.Check Version:
On Windows: Check Photoshop.exe properties > Details tab. On macOS: Right-click Photoshop.app > Get Info.Verify Fix Applied:
Verify Photoshop version is 24.7.5 or higher for version 24, or 25.12 or higher for version 25.📡 Detection & Monitoring
Log Indicators:
- Photoshop crash logs with memory access violations
- Unexpected child processes spawned from Photoshop
Network Indicators:
- Unusual outbound connections from Photoshop process
SIEM Query:
Process creation where parent_process_name contains 'photoshop' and process_name not in ('photoshop.exe', 'AdobeIPCBroker.exe')