City

Marathi | Hindi

Epaper

Indian cyber agency alerts users of multiple bugs in Adobe products

By IANS | Published: June 16, 2022 4:48 PM

New Delhi, June 16 The Indian Computer Emergency Response Team (CERT-In) on Thursday issued an advisory over multiple ...

Open in App

Indian cyber agency alerts users of multiple bugs in Adobe products

New Delhi, June 16 The Indian Computer Emergency Response Team (CERT-In) on Thursday issued an advisory over multiple vulnerabilities in Adobe products that could help hackers infiltrate into computer systems.

The bugs were reported in Adobe products like InDesign (along with earlier versions for Windows and macOS), InCopy, Illustrator, Bridge and Animate (and earlier versions for Windows and macOS).

"Multiple vulnerabilities have been reported in Adobe products which could allow an attacker to gain elevated privileges, execute arbitrary code, write arbitrary files on the file system and cause memory leak on the targeted system," said CERT-In which comes under the Ministry of Electronics and Information Technology (MeitY).

These vulnerabilities, according to the national cyber-security agency, exist in Adobe products due to "improper Input Validation, improper authorisation, heap-based buffer overflow, out-of-bounds Write, out-of-bounds read and use after free flaws".

An attacker could exploit these vulnerabilities by persuading the victim to open a specially crafted file or application, the advisory read.

Successful exploitation of these vulnerabilities could allow an attacker to gain elevated privileges, execute arbitrary code, write arbitrary files on the file system and cause memory leak on the targeted system.

CERT-In advised users to install appropriate software updates as part of the Adobe security updates.

The cyber-security agency also reported multiple vulnerabilities in Citrix Application Delivery Management (ADM) products which could allow a remote attacker to cause security bypass and denial of service conditions on the targeted systems.

"This vulnerability exists in Citrix ADM due to improper access control. A remote attacker could exploit this vulnerability by sending a specially-crafted request to corrupt the system and reset the administrator password at the next device reboot," according to CERT-In.

Successful exploitation of this vulnerability could allow a remote attacker to bypass security and cause improper access control on an affected device, the agency added.

Disclaimer: This post has been auto-published from an agency feed without any modifications to the text and has not been reviewed by an editor

Tags: Citrix SystemsMinistry Of Electronics And Information TechnologyUnion ministry of electronics and information technologyUnion electronics and information technologyElectronics departmentInformation and technology departmentUnion ministry of communicationsUnion ministry of electronicsMinistry of electronics and information and technologyMinistry of electronics & itInformation technology, electronics and communications department
Open in App

Related Stories

NationalMeitY Issues Advisory to Large AI Companies: 'Platforms Must Seek Permission for Launching AI Models in India'

NationalGovernment directs social media platforms to comply with IT rules in deepfake crackdown

NationalWill provide free DTH, improve radio’s reach in villages along Indo-China border: Anurag Thakur

International'Succession', 'The Last Of Us', 'White Lotus', 'Ted Lasso' lead the pack at 2023 Emmy nominations

NationalEducation Ministry releases report on Performance Grading Index for Districts

Technology Realted Stories

TechnologyIndia and Oman to jointly undertake research on sharks and rays in Arabian Sea

TechnologyIISc, Lam Research upskill engineers in semiconductor fabrication tech

TechnologyVedanta fully acquires Japanese display glass major AvanStrate

TechnologyConsumer tech company Nothing logs 144 pc growth in Q1

TechnologyTeenagers must have meaningful, yet safe online experiences: Meta India