CVE-2020-3803

Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.

Published: Mar 25, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-3803
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.8
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-427

Affected Software
References

Software	From	Fixed in
adobe / acrobat_dc	15.006.30060	15.006.30518
adobe / acrobat_dc	15.008.20082	20.006.20042
adobe / acrobat_dc	17.011.30059	17.011.30166
adobe / acrobat_reader_dc	15.006.30060	15.006.30518
adobe / acrobat_reader_dc	15.008.20082	20.006.20042
adobe / acrobat_reader_dc	17.011.30059	17.011.30166

https://helpx.adobe.com/security/products/acrobat/apsb20-13.html

Vulnerability Database

CVE-2020-3803