CVE-2023-44371: 
Adobe Acrobat Reader Continuous vulnerability analysis and mitigation

Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability identified as CVE-2023-44371. The vulnerability was disclosed on November 14, 2023, and affects both Windows and macOS operating systems. This security flaw could result in arbitrary code execution in the context of the current user, requiring user interaction through opening a malicious PDF file (Adobe Security).

The vulnerability is classified as a Use After Free (CWE-416) issue with a CVSS v3.1 Base Score of 7.8 (HIGH). The CVSS vector string is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local access vector, low attack complexity, no privileges required, and user interaction required. The vulnerability occurs when the software improperly handles a maliciously crafted PDF file (NVD, FortiGuard).

Successful exploitation of this vulnerability could lead to arbitrary code execution within the context of the application. This means attackers could potentially gain control of vulnerable systems, compromising the confidentiality, integrity, and availability of the affected system (FortiGuard).

Adobe has released security updates to address this vulnerability. Users are strongly recommended to apply the most recent upgrade or patch available from Adobe. The fix is available through Adobe's security bulletin APSB23-54 (Adobe Security).