CVE-2022-44520: 
Adobe Acrobat Reader Continuous vulnerability analysis and mitigation

A use-after-free vulnerability (CVE-2022-44520) was identified in Adobe Acrobat Reader DC versions 22.001.20085 and earlier, 20.005.3031x and earlier, and 17.012.30205 and earlier. This vulnerability could result in arbitrary code execution in the context of the current user, requiring user interaction through opening a malicious file (Adobe Security, CVE Details).

The vulnerability is classified as a Use After Free (CWE-416) issue with a CVSS base score of 7.8 (Critical) and vector CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. This indicates a critical severity level with local access vector, low attack complexity, no privileges required, and user interaction required for exploitation (Adobe Security).

If successfully exploited, this vulnerability could lead to arbitrary code execution in the context of the current user. The high CVSS impact scores for confidentiality, integrity, and availability (C:H/I:H/A:H) indicate potential severe consequences if exploited (Adobe Security).

Adobe has released security updates to address this vulnerability. Users are recommended to update their software installations to the latest versions through the Help > Check for Updates menu option or by downloading the full installer from the Acrobat Reader Download Center. For IT administrators in managed environments, updates can be deployed via preferred methodologies such as AIP-GPO, bootstrapper, SCUP/SCCM for Windows, or Apple Remote Desktop and SSH for macOS (Adobe Security).