🟢 CVE-2020-9715

CVE-2020-9715 is a use-after-free vulnerability in Adobe Acrobat and Reader that allows arbitrary code execution. This affects client-side PDF applications that require user interaction to open malicious documents, not internet-facing servers.

Risk Level: LOW_RISK

CVSS Score: 7.8

Attack Vector: LOCAL

ATT&CK Tactic: Execution

ATT&CK Technique: T1203 - Exploitation for Client Execution

Deployment Risk: VERY_LOW

Ransomware: No

📋 Vulnerability Details

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: USER_INTERACTION

CVE Published: 2020-08-19

Added to CISA KEV: 2026-04-13 (2063 days between CVE and KEV)

🎯 Recommendations:

🔍 Web Intelligence (Kagi · 2026-06-04)

CVE-2020-9715 is a critical memory corruption vulnerability affecting Adobe Acrobat and Reader that has been confirmed as exploited in the wild [1] [2].

Vulnerability Overview
  • Type: Use-After-Free (UAF) memory corruption vulnerability [3] [1].
  • Impact: Successful exploitation allows an attacker to execute arbitrary code on the target system [3] [1]. It can specifically enable the execution of malicious JavaScript and the running of malicious executable files within system memory [2].
Exploitation and Requirements
  • Method: The vulnerability is triggered when a user opens a specially crafted PDF document [3].
  • User Interaction: User interaction is required, as the victim must be convinced to open the malicious file [3].
  • Exploit Availability: Proof-of-concept (PoC) material and technical analysis regarding the exploitation of the Adobe `ESObject` (the component involved in the UAF) have been documented in security research, demonstrating how to manipulate the object cache to achieve code execution [2].
Exploitation in the Wild
  • Status: The vulnerability has been exploited in the wild, specifically targeting users running outdated versions of Adobe Acrobat and Reader [2].
  • CISA KEV: Due to its active exploitation, it is included in the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) catalog, requiring organizations to prioritize its remediation [1].
Affected Versions and Mitigation
  • Affected Versions: The vulnerability affects several versions of Adobe Acrobat and Reader, including [1]:
    * Acrobat and Reader 2020.009.20074 and earlier
    * Acrobat and Reader 2020.001.30002
    * Acrobat and Reader 2017.011.30171 and earlier
    * Acrobat and Reader 2015.006.30523 and earlier
  • Mitigation: The primary mitigation is to ensure that Adobe Acrobat and Reader software is updated to the latest patched versions provided by Adobe. Organizations should consult the official Adobe security bulletins and CISA guidance for specific patch requirements [1].

Sources

  1. NVD - cve-2020-9715

    CVE-2020-9715 Detail. Description. Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution. Reference CISA's BOD 22-01…

  2. CVE-2020-9715 - Exploits & Severity - Feedly

    Threat Intelligence Report The vulnerability CVE-2020-9715 is a critical Use-After-Free vulnerability in Adobe Acrobat programs that allows attackers to execute malicious JavaScript and run malicious EXE files in the system memory. It has been exploited in the wild, targeting users with outdated Ado…

  3. CVE-2020-9715: Adobe Acrobat DC Use-After-Free Flaw

    This memory corruption flaw allows attackers to execute arbitrary code on affected systems when a user opens a specially crafted PDF document. ... CVE-2020-9715 is a use-after-free vulnerability in Adobe Acrobat and Reader that enables arbitrary code execution. This article covers the technical deta…