Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2020-3760
CVE-2020-3760:
Adobe Digital Editions vulnerability analysis and mitigation
Overview
Adobe Digital Editions versions 4.5.10 and below were found to contain a command injection vulnerability identified as CVE-2020-3760. The vulnerability was discovered in December 2019 and officially disclosed in February 2020. This security flaw affected Adobe's eBook reader software program (CVE Details, Adobe Security).
Technical details
The vulnerability is classified as a command injection flaw that occurs when the application passes unsafe user-supplied data to a system shell. This critical security issue was given a severity rating of 'Critical' due to its potential impact (Threatpost).
Impact
If successfully exploited, this vulnerability could lead to arbitrary code execution in the affected systems, potentially allowing attackers to run malicious commands with the privileges of the current user (CVE Details, Threatpost).
Mitigation and workarounds
Adobe addressed this vulnerability by releasing version 4.5.11 for Windows of Adobe Digital Editions. Users of affected versions were urged to update to this patched version to mitigate the security risk (Adobe Security).
Additional resources
Source: This report was generated using AI
Related Adobe Digital Editions vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management