CVE-2023-47050: 
Adobe Audition vulnerability analysis and mitigation

CVE-2023-47050 is an out-of-bounds read vulnerability affecting Adobe Audition version 24.0 (and earlier) and 23.6.1 (and earlier). The vulnerability was disclosed on November 14, 2023, and involves parsing crafted files that could result in a read past the end of an allocated memory structure (NVD, Adobe Advisory).

The vulnerability is classified as an out-of-bounds read (CWE-125) with a CVSS v3.1 base score of 7.8 (HIGH) according to NVD's assessment, while Adobe Systems rated it with a base score of 5.5 (MEDIUM). The CVSS vector string is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local access, low attack complexity, no privileges required, and user interaction required (NVD).

If successfully exploited, this vulnerability could allow an attacker to execute code in the context of the current user. The exploitation requires user interaction, specifically requiring a victim to open a malicious file (NVD).

Adobe has addressed this vulnerability in updated versions of the software. Users are advised to update to the latest version of Adobe Audition. The vulnerability affects version 24.0 (and earlier) and 23.6.1 (and earlier), so updating beyond these versions will mitigate the risk (Adobe Advisory).