CVE-2024-34117: 
Adobe Photoshop vulnerability analysis and mitigation

Adobe Photoshop Desktop versions 24.7.3, 25.9.1 and earlier are affected by a Use After Free vulnerability identified as CVE-2024-34117. The vulnerability was disclosed on August 14, 2024, and affects both Windows and macOS platforms. This security flaw requires user interaction, specifically opening a malicious file, to be exploited (Adobe Advisory, SecurityWeek).

The vulnerability is classified as a Use After Free (CWE-416) issue that could lead to arbitrary code execution in the context of the current user. The severity of this vulnerability is rated as HIGH with a CVSS v3.1 Base Score of 7.8. The CVSS vector string is CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local access vector, low attack complexity, no privileges required, and user interaction required (NVD).

If successfully exploited, this vulnerability could result in arbitrary code execution in the context of the current user, potentially allowing an attacker to take complete control of the affected system. The impact spans across both confidentiality, integrity, and availability aspects, as indicated by the high ratings in the CVSS score (SecurityWeek).

Adobe has released security updates to address this vulnerability. Users are recommended to update to Photoshop 2023 Version 24.7.4 or Photoshop 2024 Version 25.11, depending on their current version (SecurityWeek).