Adobe reports CRITICAL security vulnerabilities in multiple products

This content has been archived. But, the content is true and relevant to the underlying technology products or infrastructure services.

The Product Security Incident Response Team (PSIRT) of Adobe has released new security updates for multiple Adobe products. These security updates have been released as part of the ‘Patch Tuesday’ initiative of Adobe.

Salient points

  • The security updates released by Adobe cover multiple vulnerabilities in multiple products.
  • The affected Adobe software versions are for the operating system platforms of Windows and macOS.
  • Adobe has reported the vulnerabilities and released fixes for all the affected products.

What Adobe products are affected?

Adobe has confirmed that the following software of the company have been affected by the security vulnerabilities:

  • Adobe Acrobat and Reader
  • Adobe Commerce
  • Adobe Substance 3D Painter
  • Adobe Substance 3D Designer
  • Adobe FrameMaker Publishing Server
  • Adobe Audition

A list of affected versions is given below.

What versions of Adobe products are affected?

The following versions of Adobe products are impacted:

Adobe Commerce

The affected versions of Adobe Commerce include the following. We have also listed the corresponding versions of software in which the vulnerabilities have been resolved.

  • 2.4.6-p3 and earlier – fixed in 2.4.6-p4 
  • 2.4.5-p5 and earlier – fixed in 2.4.5-p6
  • 2.4.4-p6 and earlier – fixed in 2.4.4-p7
  • 2.4.3-ext-5 and earlier – fixed in 2.4.3-ext 6
  • 2.4.2-ext-5 and earlier – fixed in 2.4.2-ext-6
  • 2.4.1-ext-5 and earlier – fixed in 2.4.1-ext-6
  • 2.4.0-ext-5 and earlier – fixed in 2.4.0-ext-6
  • 2.3.7-p4-ext-5 and earlier- fixed in 2.3.7-p4-ext-6

Adobe Substance 3D Painter

The information below lists the versions of Substance 3D Painter affected by security vulnerabilities. The corresponding security release version with the fix is also listed.

    • Adobe Substance 3D Painter version 9.1.1 and all the earlier versions. The security vulnerabilities are resolved in the latest version of Adobe Substance 3D Painter 9.1.2.

    You can read the security bulletin for Adobe Substance 3D Painter on this page.

    Adobe Acrobat and Reader

    The information below lists the versions of Adobe Acrobat and Reader affected by security vulnerabilities. The corresponding security release versions with the fix are also listed.

    • Acrobat DC version 23.008.20470 and earlier versions for Windows and macOS. The issue is resolved in Acrobat DC version 23.008.20533.
    • Acrobat Reader DC version 23.008.20470 and earlier versions for Windows and macOS. The issue is resolved in Acrobat Reader DC version 23.008.20533.
    • Acrobat 2020 version 20.005.30539 and earlier versions for Windows and macOS. The issue is resolved in Acrober 2020 version 20.005.30574.
    • Acrobat Reader version 2020 20.005.30539 and earlier versions for Windows and macOS. The issue is resolved in Acrober Reader 2020 version 20.005.30574.

    You can read more about the security vulnerabilities affecting Adobe Acrobat and Reader on this page.

    Adobe FrameMaker Publishing Server

    The following versions of Adobe FrameMaker Publishing Server are affected by security vulnerabilities:

    • Adobe FrameMaker Publishing Server Version 2022 Update 1  and earlier versions for the Windows platform. The threats are patched in Version 2022.2 for the Windows platform.

    You can read the security advisory for Adobe FrameMaker Publishing Server on this page.

    Adobe Audition

    The following versions of Adobe Audition are affected by security vulnerabilities:

    • Adobe Audition version 24.0.3 and earlier versions for Windows and macOS. Please upgrade to Adobe Audition version 24.2 to resolve the security vulnerabilities for Windows and macOS.
    • Adobe Auditon version 23.6.2 and earlier versions for Windows and macOS. Please upgrade to Adobe Audition version 23.6.4 to resolve the security vulnerabilities for Windows and macOS.

    You can read the security advisory about Adobe Audition on this page.

    Adobe Substance 3D Designer

    The following versions of Adobe Substance 3D Designer are affected by security vulnerabilities:

    • Adobe Substance 3D Designer version 13.1.0 and earlier versions - the threats are resolved in Adobe Substance 3D Designer version 13.1.1.

    You can read the security advisory about Adobe Substance 3D Designer on this page.

    More Cyber-security Stories

    Rajesh Dhawan

    Rajesh Dhawan is a technology professional who loves to write about Cyber-security events and stories, Cloud computing and Microsoft technologies. He loves to break complex problems into manageable chunks of meaningful information.