CVE-2014-0546
published 2014-08-12


Priority: P186 · critical · 9.8 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
KEV: CISA Known Exploited Vulnerability, due 2022-06-15
ITW: Exploited in the wild
EPSS: 22.33% (97.4th percentile)
Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via unspecified vectors.

Affected

4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat | >= 10.0 < 10.1.11 | 10.1.11 |
| adobe | acrobat | >= 11.0 < 11.0.08 | 11.0.08 |
| adobe | acrobat_reader | >= 10.0 < 10.1.11 | 10.1.11 |
| adobe | acrobat_reader | >= 11.0 < 11.0.08 | 11.0.08 |

Detection & IOCs (extracted from sources)

  • Target platform is Windows only; detections should be scoped to Windows hosts running Adobe Reader or Acrobat 10.x before 10.1.11 or 11.x before 11.0.08
  • Monitor for Adobe Reader/Acrobat processes spawning unexpected privileged child processes or executing native code outside the sandbox, which would indicate successful sandbox bypass exploitation
  • The attack vector is described as 'unspecified vectors', meaning no specific exploit technique, file, command, or network indicator has been publicly disclosed in these sources; concrete IOCs cannot be derived

CVSS provenance

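| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |
| vulncheck | | 9.8 | CRITICAL | |
| cisa | | 9.8 | CRITICAL | |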