Adobe Security Bulletin

Security Updates Available for Adobe Digital Editions | APSB23-04

Bulletin ID

Date Published

Priority

APSB23-04

April 11, 2023  

3

Summary

Adobe has released a security update for Adobe Digital Editions. This update resolves one critical vulnerability that could result in arbitrary code execution.     

Affected product versions

Product

Version

Platform

Adobe Digital Editions

4.5.11.187303 and earlier versions

Windows

Solution

Adobe categorizes these updates with the following priority ratings and recommends users update their installation to the newest version:

Product

Version

Platform

Priority

Availability

Adobe Digital Editions

4.5.11.187658

Windows

3

Note:

Vulnerability Details

Vulnerability Category

Vulnerability Impact

Severity

CVSS base score 

CVE Numbers

Out-of-bounds Write (CWE-787)

Arbitrary code execution
 

Critical

7.8

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVE-2023-21582

Acknowledgments

Adobe would like to thank the following security researchers for reporting these issues and for working with Adobe to help protect our customers.       

  • Michael DePlante (@izobashi) with Trend Micro Zero Day Initiative - CVE-2023-21582



Revisions

May 22, 2023: Solution Download Page revised.


For more information, visit https://helpx.adobe.com/security.html, or email PSIRT@adobe.com 

 

Get help faster and easier

New user?