Security Advisory 2023-065

Release Date:

Adobe Acrobat and Reader Zero-Day Vulnerability



  • 13/09/2023 --- v1.0 -- Initial publication


On September 12, 2023, Adobe released a security update that addresses a critical, zero-day vulnerability, which has been exploited in the wild. The vulnerability affects both Windows and MacOS systems and is being tracked as CVE-2023-26369 [1].

Technical Details

Successful exploitation of this flaw could allow a local attacker to execute arbitrary code. The exploit succeeds without the need of privileges in this low-complexity attack; however, user interaction is required, according to its CVSSv3.1 score.

Affected Products

ProductTrackAffected Versions
Acrobat DCContinuous23.003.20284 and earlier
Acrobat Reader DCContinuous23.003.20284 and earlier
Acrobat 2020Classic 202020.005.30516 (Mac) and earlier/ 20.005.30514 (Win) and earlier
Acrobat Reader 2020Classic 202020.005.30516 (Mac) and earlier/ 20.005.30514 (Win) and earlier


Adobe recommends users update their software installations to the latest versions as soon as possible, following the instructions they provided in the Solution section of the Security Bulletin [1].




We got cookies

We only use cookies that are necessary for the technical functioning of our website. Find out more on here.