CVE-2022-28230: 
Adobe Acrobat Reader Continuous vulnerability analysis and mitigation

CVE-2022-28230 is a use-after-free vulnerability discovered in Adobe Acrobat and Reader that affects the processing of acroform events. The vulnerability was disclosed on May 11, 2022, affecting multiple versions of Adobe Acrobat and Reader, including Acrobat Reader DC versions 22.001.20085 and earlier, and version 17.012.30205 and earlier (NVD).

The vulnerability is classified as a use-after-free vulnerability, which occurs during the processing of acroform events in Adobe Acrobat and Reader. The CVSS v3.0 score for this vulnerability is 8.7, indicating a high severity level with the following metrics: Impact:High/Attack Vector:Local/Attack Complexity:Low/Scope:Changed/Privileges Required:None/User Interaction:Required/Confidentiality:High (ManageEngine).

The exploitation of this vulnerability could potentially lead to arbitrary code execution and compromise of system confidentiality. The high CVSS score indicates significant potential impact on affected systems, particularly concerning data confidentiality and system integrity (CERT-FR).

Adobe has released security updates to address this vulnerability. Users are advised to update to the latest versions of affected products. For Acrobat DC, update to version 22.001.20117 or later for Windows and version 22.001.20112 or later for Mac. For Acrobat Reader 2020, update to version 20.005.30334 for Windows and version 20.005.30331 for Mac (Adobe Security).