CVE-2020-9715
Published: 19 August 2020
Summary
CVE-2020-9715 is a high-severity Use After Free (CWE-416) vulnerability in Adobe Acrobat DC. Its CVSS base score is 7.8 (High).
Operationally, it is ranked in the top 0.9% of CVEs by exploit likelihood, CISA has added it to the Known Exploited Vulnerabilities catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-16 (Memory Protection) and SI-2 (Flaw Remediation).
Deeper analysis
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier contain a use-after-free vulnerability tracked as CVE-2020-9715 and assigned CWE-416. The flaw received a CVSS 3.1 score of 7.8 and can result in arbitrary code execution when triggered.
Exploitation requires local access with no privileges but depends on user interaction to open a malicious document, after which an attacker can achieve high impact on confidentiality, integrity, and availability with unchanged scope.
Adobe published fixes for the issue in APSB20-48, while technical details and proof-of-concept analysis have been released by Exodus Intelligence and the Zero Day Initiative.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-30495
Vulnerability details
Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
- CWE(s)
- KEV Date Added: 13 April 2026
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly requires timely application of vendor patches (APSB20-48) that eliminate the use-after-free flaw before a malicious PDF can be exploited.
Implements memory-protection safeguards that block unauthorized code execution arising from use-after-free conditions in Acrobat/Reader.
Malicious-code detection mechanisms can inspect or sandbox incoming PDF documents that attempt to trigger the vulnerability.