CVE-2022-27794
Published: 11 May 2022
Summary
CVE-2022-27794 is a high-severity Access of Uninitialized Pointer (CWE-824) vulnerability in Apple macOS. Its CVSS base score is 7.8 (High).
Operationally, it is ranked in the top 15.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-32289
Vulnerability details
Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by the use of a variable that has not been initialized when processing embedded fonts, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.