CVE-2020-9685

CWE-787 — Out-of-bounds Write3 documents3 sources

Severity

8.8HIGH

EPSS

13.6%

top 5.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Adobe Photoshop Adobe Photoshop CC Adobe Adobe Photoshop

Timeline

PublishedJul 22

Latest updateMay 24

Description

Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages3 packages

▶NVDadobe/photoshop21.2

▶NVDadobe/photoshop_cc20.0.9

▶CVEListV5adobe/adobe_photoshopPhotoshop CC 2019, and Photoshop 2020 versions

🔴Vulnerability Details

GHSA

GHSA-j99m-3q8x-q82h: Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability↗2022-05-24

▶

CVEList

CVE-2020-9685: Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerability↗2020-07-22

▶