High severity7.8CISA KEVNVD Advisory· Published Aug 19, 2020· Updated Apr 14, 2026

CVE-2020-9715

Description

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .

Affected products

Adobe Inc./Acrobat Dc3 versions
cpe:2.3:a:adobe:acrobat_dc:20.001.30002:*:*:*:classic:*:*:*+ 2 more
- cpe:2.3:a:adobe:acrobat_dc:20.001.30002:*:*:*:classic:*:*:*
- cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:classic:*:*:*range: >=15.006.30060,<=15.006.30523
- cpe:2.3:a:adobe:acrobat_dc:*:*:*:*:continuous:*:*:*range: >=15.008.20082,<=20.009.20074
Adobe Inc./Acrobat Reader Dc3 versions
cpe:2.3:a:adobe:acrobat_reader_dc:20.001.30002:*:*:*:classic:*:*:*+ 2 more
- cpe:2.3:a:adobe:acrobat_reader_dc:20.001.30002:*:*:*:classic:*:*:*
- cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:classic:*:*:*range: >=15.006.30060,<=15.006.30523
- cpe:2.3:a:adobe:acrobat_reader_dc:*:*:*:*:continuous:*:*:*range: >=15.008.20082,<=20.009.20074

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

blog.exodusintel.com/2021/04/20/analysis-of-a-use-after-free-vulnerability-in-adobe-acrobat-reader-dc/nvdExploitPatchThird Party Advisory
helpx.adobe.com/security/products/acrobat/apsb20-48.htmlnvdVendor Advisory
www.zerodayinitiative.com/advisories/ZDI-20-991/nvdThird Party AdvisoryVDB Entry
www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.062
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000