CVE-2022-23199: 
Adobe Illustrator vulnerability analysis and mitigation

A Null-Pointer Dereference vulnerability (CVE-2022-23199) was discovered in Adobe Illustrator's CorelDraw Drawing (CDR) file decoding functionality. The vulnerability was reported by Fortinet security researchers and was patched by Adobe in February 2022. This vulnerability affects Adobe Illustrator 2022 (versions 26.0.2 and earlier) and Adobe Illustrator 2021 (versions 25.4.3 and earlier) on both Windows and MacOS platforms (Fortinet Blog).

The vulnerability is specifically caused by a malformed CDR file that triggers a NULL pointer dereference in the application. The vulnerability has been assigned a CVSS 2.0 score of 6.8 and CVSS 3.0 score of 7.7, indicating its important severity level (ManageEngine).

When successfully exploited, this vulnerability can lead to an application denial-of-service condition. The vulnerability affects the application's ability to properly handle CDR files, potentially causing the application to crash when processing maliciously crafted files (Fortinet Blog).

Adobe has released security patches to address this vulnerability. Users are strongly advised to update to the latest version of Adobe Illustrator. The vulnerability was fixed as part of Adobe's February 2022 Patch Tuesday updates (Adobe Security).