CVE-2023-47063: 
Adobe Illustrator vulnerability analysis and mitigation

Adobe Illustrator versions 28.0 (and earlier) and 27.9 (and earlier) are affected by an out-of-bounds write vulnerability identified as CVE-2023-47063. The vulnerability was discovered and reported through Adobe's private bug bounty program with HackerOne, with the initial disclosure occurring on December 13, 2023 (NVD, Adobe Advisory).

The vulnerability is classified as an out-of-bounds write vulnerability (CWE-787) that affects Adobe Illustrator's file parsing functionality. The CVSS v3.1 base score is 7.8 (HIGH), with a vector string of CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local access, low attack complexity, no privileges required, and user interaction required (NVD).

If successfully exploited, this vulnerability could result in arbitrary code execution in the context of the current user. The high CVSS score reflects the potential for complete compromise of system confidentiality, integrity, and availability within the scope of the affected user's permissions (NVD).

Adobe has released version 28.1 to address this vulnerability. Users of affected versions should update to the latest version of Adobe Illustrator (Adobe Advisory).