Uncontrolled Search Path Vulnerability in Acrobat Reader DC and Earlier Versions

Uncontrolled Search Path Vulnerability in Acrobat Reader DC and Earlier Versions

CVE-2022-28247 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an uncontrolled search path vulnerability that could lead to local privilege escalation. Exploitation of this issue requires user interaction in that a victim must run the uninstaller with Admin privileges.

Learn more about our User Device Pen Test.