CVE-2022-30642: 
Adobe Illustrator vulnerability analysis and mitigation

Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability identified as CVE-2022-30642. The vulnerability was discovered and assigned on May 12, 2022, and requires user interaction through opening a malicious file to be exploited (CVE Mitre).

The vulnerability is classified as an out-of-bounds write (CWE-787) with a CVSS v3.1 base score of 7.8 (HIGH), and vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This indicates local access is required, with low attack complexity, no privileges needed, and user interaction required. The vulnerability affects both Windows and macOS operating systems (Adobe Security Bulletin).

If successfully exploited, this vulnerability could result in arbitrary code execution in the context of the current user. The high CVSS score indicates potential severe impacts on confidentiality, integrity, and availability of the affected system (Adobe Security Bulletin).

Adobe has released patches to address this vulnerability in updated versions of Adobe Illustrator. Users should update their software versions beyond 26.0.2 or 25.4.5 to mitigate this security risk (Adobe Security Bulletin).