CVE-2022-35673: 
Adobe Framemaker vulnerability analysis and mitigation

Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by an out-of-bounds read vulnerability (CVE-2022-35673) discovered in July 2022. The vulnerability occurs when parsing a crafted file and could result in a read past the end of an allocated memory structure. This security issue requires user interaction, specifically requiring a victim to open a malicious file (CVE Details).

The vulnerability is classified as an Out-of-bounds Read (CWE-125) with a CVSS base score of 7.8, indicating a high severity level. The vulnerability affects the file parsing functionality in Adobe FrameMaker, potentially allowing read operations beyond allocated memory boundaries (Lansweeper Blog).

If successfully exploited, this vulnerability could enable an attacker to execute code in the context of the current user. The impact is significant as it could lead to unauthorized code execution, potentially compromising the affected system's security (CVE Details).

Adobe has released patches to address this vulnerability. Users of Adobe FrameMaker 2019 should update to version 15.0.8, and users of FrameMaker 2020 should update to version 16.0.4. These updates are available through Adobe's official distribution channels (Adobe Security).