CVE-2020-24428 : Security Advisory and Response

Acrobat Reader DC for macOS is affected by a time-of-check time-of-use (TOCTOU) race condition vulnerability that could lead to local privilege escalation.

Understanding CVE-2020-24428

Acrobat Reader DC for macOS Race Condition Vulnerability Could Lead to Privilege Escalation

What is CVE-2020-24428?

Acrobat Reader DC versions 2020.012.20048 and earlier, 2020.001.30005 and earlier, and 2017.011.30175 and earlier for macOS are vulnerable to a TOCTOU race condition, potentially allowing local privilege escalation through user interaction.

The Impact of CVE-2020-24428

CVSS Base Score: 7.7 (High)
Attack Vector: Local
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Exploitation could result in high impacts on confidentiality, integrity, and availability.

Technical Details of CVE-2020-24428

Vulnerability Description

The vulnerability in Acrobat Reader DC for macOS involves a TOCTOU race condition, requiring a victim to open a malicious file to exploit it.

Affected Systems and Versions

Affected Systems: Acrobat Reader DC for macOS
Affected Versions:
2020.012.20048 and earlier
2020.001.30005 and earlier
2017.011.30175 and earlier

Exploitation Mechanism

Exploitation of this vulnerability necessitates user interaction, where a victim must open a malicious file to trigger the privilege escalation.

Mitigation and Prevention

Immediate Steps to Take

Update Acrobat Reader DC to the latest version.
Avoid opening files from untrusted sources.
Exercise caution while interacting with unknown or suspicious files.

Long-Term Security Practices

Regularly update software and applications to patch known vulnerabilities.
Implement security best practices to prevent privilege escalation attacks.

Patching and Updates

Apply security patches provided by Adobe to address the vulnerability in Acrobat Reader DC for macOS.