#VU92098 Improper Authorization in Adobe Acrobat Android - CVE-2024-34130


Vulnerability identifier: #VU92098

Vulnerability risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-34130

CWE-ID: CWE-285

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Adobe Acrobat Android
Mobile applications / Apps for mobile phones

Vendor: Adobe

Description

The vulnerability allows a remote attacker to bypass authorization checks.

The vulnerability exists due to improper authorization. A remote attacker can gain access to sensitive information on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Adobe Acrobat Android: 24.4.2.33155

External links
https://helpx.adobe.com/security/products/acrobat-android/apsb24-50.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Adobe Acrobat Android