CVE-2022-30643: 
Adobe Illustrator vulnerability analysis and mitigation

Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that was assigned CVE-2022-30643. The vulnerability was discovered and reported to Adobe Systems Incorporated, with the CVE being created on May 12, 2022 (CVE MITRE).

The vulnerability is classified as an out-of-bounds write (CWE-787) issue. It received a CVSS v3.1 base score of 7.8 (High) with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This indicates that the vulnerability requires local access and user interaction, but no privileges, while potentially impacting confidentiality, integrity, and availability at high levels (NVD).

The vulnerability could result in arbitrary code execution in the context of the current user. This means an attacker could potentially execute malicious code with the same privileges as the user running Adobe Illustrator (Adobe Security).

Adobe has released patches to address this vulnerability in updated versions of Adobe Illustrator. Users should upgrade to versions newer than 26.0.2 or 25.4.5 depending on their product line (Adobe Security).