개요
Adobe 제품군에서 발생하는 취약점을 해결하는 보안 업데이트를 발표하였습니다. 해당하는 제품 사용자는 최신 버전으로 업데이트 하시기 바랍니다.
대상 제품
CVE-2024-53959
- Adobe FrameMaker 버전: ~2020 Release Update 7(포함)
- Adobe FrameMaker 버전: ~2022 Release Update 5(포함)
CVE-2024-53957, CVE-2024-53958
- Adobe Substance 3D Painter 버전: ~10.1.1(포함)
CVE-2024-53956
- Adobe Premiere Pro 버전: ~25.0(포함) (Windows and macOS)
- Adobe Premiere Pro 버전: ~24.6.3(포함) (Windows and macOS)
CVE-2024-53955
- Adobe Bridge 버전: ~14.1.3(포함) (Windows and macOS)
- Adobe Bridge 버전: ~15.0(포함) (Windows and macOS)
CVE-2024-52999, CVE-2024-53000, CVE-2024-53001, CVE-2024-53002, CVE-2024-53003
- Adobe Substance 3D Modeler 버전: ~1.14.1(포함)
CVE-2024-52997
- Photoshop 2025 버전: ~26.0(포함) (Windows and macOS)
CVE-2024-52994, CVE-2024-52995, CVE-2024-52996
- Adobe Substance 3D Sampler 버전: ~4.5.1(포함)
CVE-2024-54032, CVE-2024-54034, CVE-2024-54035, CVE-2024-54036, CVE-2024-54037
- Adobe Connect 버전: ~12.6(포함)
- Adobe Connect 버전: ~11.4.7(포함)
CVE-2024-49513
- Adobe PDFL Software Development Kit (SDK) 버전: ~PDFL SDK 21.0.0.5(포함) (Windows, Linux and macOS)
CVE-2024-49543, CVE-2024-49544, CVE-2024-49545
- Adobe InDesign 버전: ~ID19.5(포함) (Windows and macOS)
- Adobe InDesign 버전: ~ID18.5.4(포함) (Windows and macOS)
CVE-2024-52982, CVE-2024-52983, CVE-2024-52984, CVE-2024-52985, CVE-2024-52986, CVE-2024-52987, CVE-2024-52988, CVE-2024-52989, CVE-2024-52990, CVE-2024-45155, CVE-2024-45156, CVE-2024-53953, CVE-2024-53954
- Adobe Animate 2023 버전: ~23.0.8(포함) (Windows and macOS)
- Adobe Animate 2024 버전: ~24.0.5(포함) (Windows and macOS)
CVE-2024-49537
- Adobe After Effects 버전: ~24.6.2(포함) (Windows and macOS)
- Adobe After Effects 버전: ~25.0.1(포함) (Windows and macOS)
CVE-2024-49538, CVE-2024-49541
- Illustrator 2025 버전: ~29.0.0(포함) (Windows and macOS)
- Illustrator 2024 버전: ~28.7.2(포함) (Windows and macOS)
CVE-2024-49551, CVE-2024-49552, CVE-2024-49553
- Adobe Media Encoder 버전: ~ 24.6.3(포함) (Windows and macOS)
- Adobe Media Encoder 버전: ~ 25.0(포함) (Windows and macOS)
CVE-2024-49530
- Acrobat DC 버전: ~ 24.005.20307(포함) (Windows and macOS)
- Acrobat Reader DC 버전: ~ 24.005.20307(포함) (Windows and macOS)
- Acrobat 2024 버전: ~ 24.001.30213(포함) (Windows)
- Acrobat 2024 버전: ~ 24.001.30193(포함) (macOS)
- Acrobat 2020 버전: ~ 20.005.30730(포함) (Windows)
- Acrobat 2020 버전: ~ 20.005.30710(포함) (macOS)
- Acrobat Reader 2020 버전: ~ 20.005.30730(포함) (Windows)
- Acrobat Reader 2020 버전: ~ 20.005.30710(포함) (macOS)
CVE-2024-43711
- Adobe Experience Manager (AEM) 버전: AEM Cloud Service (CS), ~6.5.21(포함)
해결된 취약점
현재 사용자의 컨텍스트에서 임의의 코드 실행을 초래할 수 있는 스택 기반 버퍼 오버플로 취약점(CVE-2024-53959, CVE-2024-49543, CVE-2024-49537)
현재 사용자의 컨텍스트에서 임의의 코드 실행을 초래할 수 있는 힙 기반 버퍼 오버플로 취약점(CVE-2024-53957, CVE-2024-52995, CVE-2024-52996, CVE-2024-49545, CVE-2024-49552)
현재 사용자의 컨텍스트에서 임의의 코드 실행을 초래할 수 있는 Out-of-bounds 쓰기 취약점(CVE-2024-53958, CVE-2024-53000, CVE-2024-53001, CVE-2024-53002, CVE-2024-53003,CVE-2024-52994, CVE-2024-49513, CVE-2024-49544, CVE-2024-52988, CVE-2024-49538, CVE-2024-49551, CVE-2024-49553)
현재 사용자의 컨텍스트에서 임의의 코드 실행을 초래할 수 있는 Integer Underflow(Wrap 또는 Wraparound) 취약점(CVE-2024-53955, CVE-2024-52983, CVE-2024-52984, CVE-2024-52985, CVE-2024-52986, CVE-2024-52987, CVE-2024-52989, CVE-2024-53954)
현재 사용자의 컨텍스트에서 임의의 코드 실행을 초래할 수 있는 힙 기반 버퍼 오버플로 취약점(CVE-2024-52999)
현재 사용자의 컨텍스트에서 임의의 코드 실행을 초래할 수 있는 Use After Free 취약점(CVE-2024-52997, CVE-2024-53953, CVE-2024-49530)
공격자가 취약한 폼 필드에 악성 스크립트를 삽입하는 데 악용될 수 있는 크로스 사이트 스크립팅(XSS) 취약점(CVE-2024-54032, CVE-2024-54034, CVE-2024-54036, CVE-2024-54037)
행위자가 리소스에 액세스하거나 작업을 수행하려고 할 때, 제품이 권한 부여 확인을 수행하지 않거나 올바르게 수행하지 않는 취약점(CVE-2024-54035)
현재 사용자의 컨텍스트에서 임의의 코드 실행을 초래할 수 있는 부적절한 입력 검증 취약점(CVE-2024-52982, CVE-2024-43711)
현재 사용자의 컨텍스트에서 임의의 코드 실행을 초래할 수 있는 Buffer Underwrite(‘Buffer Underflow’) 취약점(CVE-2024-52990)
현재 사용자의 컨텍스트에서 임의의 코드 실행을 초래할 수 있는 Access of Uninitialized Pointer 취약점(CVE-2024-45155)
현재 사용자의 컨텍스트에서 임의의 코드 실행을 초래할 수 있는 NULL 포인터 역참조 취약점(CVE-2024-45156)
민감한 메모리가 공개될 수 있는 범위를 벗어난 Out-of-bounds 읽기 취약점(CVE-2024-49541)
취약점 패치
최신 업데이트를 통해 취약점 패치가 제공되었습니다. 참고 사이트의 안내에 따라 최신 취약점 패치 버전으로 업데이트 하시기 바랍니다.
CVE-2024-53959
- Adobe FrameMaker 버전: FrameMaker 2020 Update 7 (with updated DLL – no version revision)
- Adobe FrameMaker 버전: FrameMaker 2022 Update 5 (with updated DLL – no version revision)
CVE-2024-53957, CVE-2024-53958
- Adobe Substance 3D Painter 버전: 10.1.2
CVE-2024-53956
- Adobe Premiere Pro 버전: 25.1 (Windows and macOS)
- Adobe Premiere Pro 버전: 24.6.4 (Windows and macOS)
CVE-2024-53955
- Adobe Bridge 버전: ~14.1.4 (Windows and macOS)
- Adobe Bridge 버전: ~15.0.1 (Windows and macOS)
CVE-2024-52999, CVE-2024-53000, CVE-2024-53001, CVE-2024-53002, CVE-2024-53003
- Adobe Substance 3D Modeler 버전: 1.15.0
CVE-2024-52997
- Photoshop 2025 버전: 26.1 (Windows and macOS)
CVE-2024-52994, CVE-2024-52995, CVE-2024-52996
- Adobe Substance 3D Sampler 버전: 4.5.2
CVE-2024-54032, CVE-2024-54034, CVE-2024-54035, CVE-2024-54036, CVE-2024-54037
- Adobe Connect 버전: 12.7
- Adobe Connect 버전: 11.4.9
CVE-2024-49513
- Adobe PDFL Software Development Kit (SDK) 버전: PDFL SDK 21.0.0.7 (Windows, Linux and macOS)
CVE-2024-49543, CVE-2024-49544, CVE-2024-49545
- Adobe InDesign 버전: ID20.0~(포함) (Windows and macOS)
- Adobe InDesign 버전: ID19.5.1~(포함) (Windows and macOS)
CVE-2024-52982, CVE-2024-52983, CVE-2024-52984, CVE-2024-52985, CVE-2024-52986, CVE-2024-52987, CVE-2024-52988, CVE-2024-52989, CVE-2024-52990, CVE-2024-45155, CVE-2024-45156, CVE-2024-53953, CVE-2024-53954
- Adobe Animate 2023 버전: 23.0.9 (Windows and macOS)
- Adobe Animate 2024 버전: 24.0.6 (Windows and macOS)
CVE-2024-49537
- Adobe After Effects 버전: 24.6.3 (Windows and macOS)
- Adobe After Effects 버전: 25.1 (Windows and macOS)
CVE-2024-49538, CVE-2024-49541
- Illustrator 2025 버전: 29.1~(포함) (Windows and macOS)
- Illustrator 2024 버전: 28.7.3~(포함) (Windows and macOS)
CVE-2024-49551, CVE-2024-49552, CVE-2024-49553
- Adobe Media Encoder 버전: 24.6.4 (Windows and macOS)
- Adobe Media Encoder 버전: 25.1 (Windows and macOS)
CVE-2024-49551, CVE-2024-49552, CVE-2024-49553
- Adobe Media Encoder 버전: 24.6.4 (Windows and macOS)
- Adobe Media Encoder 버전: 25.1 (Windows and macOS)
CVE-2024-49530
- Acrobat DC 버전: 24.005.20320 (Windows and macOS)
- Acrobat Reader DC 버전: 24.005.20320 (Windows and macOS)
- Acrobat 2024 버전: 24.001.30225 (Windows and macOS)
- Acrobat 2020 버전: 20.005.30748 (Windows and macOS)
- Acrobat Reader 2020 버전: 20.005.30748 (Windows and macOS)
CVE-2024-43711
- Adobe Experience Manager (AEM) 버전: AEM Cloud Service Release 2024.11, 6.5.22
참고사이트
[1] Security Updates Available for Adobe Media Encoder | APSB24-93
https://helpx.adobe.com/security/products/media-encoder/apsb24-93.html
[2] Security update available for Adobe Acrobat and Reader | APSB24-92
https://helpx.adobe.com/security/products/acrobat/apsb24-92.html
[3] Security updates available for Adobe Experience Manager | APSB24-69
https://helpx.adobe.com/security/products/experience-manager/apsb24-69.html
[4] Security updates available for Adobe Experience Manager | APSB24-94
https://helpx.adobe.com/security/products/experience-manager/apsb24-94.html
[5] Security updates available for Adobe Experience Manager | APSB24-95
https://helpx.adobe.com/security/products/experience-manager/apsb24-95.html
[6] Security updates available for Adobe Experience Manager | APSB24-96
https://helpx.adobe.com/security/products/experience-manager/apsb24-96.html
[7] Security updates available for Adobe Experience Manager | APSB24-97
https://helpx.adobe.com/security/products/experience-manager/apsb24-97.html
[8] Security updates available for Adobe Experience Manager | APSB24-98
https://helpx.adobe.com/security/products/experience-manager/apsb24-98.html
[9] Security updates available for Adobe Experience Manager | APSB24-99
https://helpx.adobe.com/security/products/experience-manager/apsb24-99.html
[10] Security updates available for Adobe Experience Manager | APSB24-100
https://helpx.adobe.com/security/products/experience-manager/apsb24-100.html
[11] Security updates available for Adobe Experience Manager | APSB24-101
https://helpx.adobe.com/security/products/experience-manager/apsb24-101.html
[12] Security updates available for Adobe Experience Manager | APSB24-102
https://helpx.adobe.com/security/products/experience-manager/apsb24-102.html
[13] Security updates available for Adobe Experience Manager | APSB24-103
https://helpx.adobe.com/security/products/experience-manager/apsb24-103.html
[14] Security updates available for Adobe Experience Manager | APSB24-104
https://helpx.adobe.com/security/products/experience-manager/apsb24-104.html
[15] Security updates available for Adobe Experience Manager | APSB24-105
https://helpx.adobe.com/security/products/experience-manager/apsb24-105.html
[16] Security updates available for Adobe Experience Manager | APSB24-106
https://helpx.adobe.com/security/products/experience-manager/apsb24-106.html