CVE-2023-47074: Out-of-bounds Read (CWE-125) in Adobe Illustrator

High
Published: Wed Dec 13 2023 (12/13/2023, 09:30:09 UTC)
Source: CVE
Vendor/Project: Adobe
Product: Illustrator

Description

Adobe Illustrator versions 28.0 (and earlier) and 27.9 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

AI-Powered Analysis

Last updated: 07/08/2025, 08:12:20 UTC

Technical Analysis

CVE-2023-47074 is a high-severity out-of-bounds read vulnerability (CWE-125) affecting Adobe Illustrator versions 28.0 and earlier, as well as 27.9 and earlier. The vulnerability arises while parsing a specially crafted file, when the application reads beyond the boundary of an allocated memory structure. An attacker can exploit this out-of-bounds read to execute arbitrary code in the context of the current user. Exploitation requires user interaction: the victim must open a maliciously crafted Illustrator file. No prior authentication or elevated privileges are required, but the attacker must convince the user to open the file. The CVSS v3.1 base score is 7.8, reflecting high impact on confidentiality, integrity, and availability, low attack complexity, no privileges required, and required user interaction. No known exploits are currently reported in the wild, and no patches have been linked yet. Given Adobe Illustrator's widespread use in creative industries, this vulnerability poses a significant risk, especially in environments where Illustrator files are exchanged frequently. Arbitrary code execution could allow attackers to install malware, steal sensitive design data, or pivot within a compromised network.
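
The arithmetic behind the 7.8 figure, as an added example that is not part of the original page: it applies the CVSS v3.1 base-score formula to the metrics named above and tries every Attack Vector and Scope value, which the text does not state, to see which combination reproduces 7.8. The metric weights come from the CVSS v3.1 specification; the function names are illustrative.

```python
# Added example: CVSS v3.1 base-score arithmetic for the metrics in the analysis.
import math
from itertools import product

AV = {"N": 0.85, "A": 0.62, "L": 0.55, "P": 0.20}   # Attack Vector weights
AC_LOW, PR_NONE, UI_REQUIRED = 0.77, 0.85, 0.62      # metrics stated in the text
CIA_HIGH = 0.56                                       # C, I and A are all High
STATED_SCORE = 7.8                                    # score stated in the text

def roundup(x):
    """CVSS v3.1 Roundup: smallest one-decimal value >= x, float-safe."""
    i = round(x * 100000)
    if i % 10000 == 0:
        return i / 100000.0
    return (math.floor(i / 10000) + 1) / 10.0

def base_score(av, scope_changed):
    """Base score for one Attack Vector / Scope choice, other metrics fixed."""
    iss = 1 - (1 - CIA_HIGH) ** 3
    if scope_changed:
        impact = 7.52 * (iss - 0.029) - 3.25 * (iss - 0.02) ** 15
    else:
        impact = 6.42 * iss
    exploitability = 8.22 * AV[av] * AC_LOW * PR_NONE * UI_REQUIRED
    if impact <= 0:
        return 0.0
    total = impact + exploitability
    if scope_changed:
        total *= 1.08
    return roundup(min(total, 10))

def candidates():
    """Score for every (Attack Vector, Scope) pair left open by the text."""
    return {(av, "C" if changed else "U"): base_score(av, changed)
            for av, changed in product(AV, (False, True))}

def matching_vectors():
    """Vector strings whose score equals the stated 7.8."""
    return [f"CVSS:3.1/AV:{av}/AC:L/PR:N/UI:R/S:{s}/C:H/I:H/A:H"
            for (av, s), score in candidates().items() if score == STATED_SCORE]

if __name__ == "__main__":
    for key, score in candidates().items():
        print(key, score)
    print("matches 7.8:", matching_vectors())
```

Only a Local attack vector with unchanged scope reproduces 7.8, which fits a flaw triggered by opening a file on the victim's machine; the same metrics with a Network vector would score 8.8.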

Potential Impact

For European organizations, the impact of CVE-2023-47074 could be substantial, particularly for those in the creative, advertising, media, and design sectors where Adobe Illustrator is heavily used. Successful exploitation could lead to unauthorized access to intellectual property, leakage of sensitive client data, and disruption of business operations. Since the vulnerability allows code execution with the current user's privileges, attackers could deploy ransomware, spyware, or other malware, leading to data loss or operational downtime. Additionally, organizations handling sensitive or regulated data (e.g., GDPR-protected personal data) could face compliance violations and reputational damage if breaches occur. The requirement for user interaction means that phishing or social engineering campaigns could be leveraged to deliver malicious files, increasing the risk in environments with less stringent user awareness training. The lack of patches at the time of this report further elevates the risk until mitigations are applied.

Mitigation Recommendations

European organizations should implement targeted mitigations beyond generic advice:

1) Enforce strict email and file attachment scanning policies to detect and quarantine suspicious Illustrator files before reaching end users.
2) Educate users specifically about the risks of opening unsolicited or unexpected Illustrator files, emphasizing verification of file sources.
3) Employ application whitelisting and sandboxing techniques for Adobe Illustrator to limit the impact of potential exploitation.
4) Monitor network and endpoint behavior for anomalies indicative of exploitation attempts, such as unexpected process launches or memory access violations related to Illustrator.
5) Maintain up-to-date backups of critical design assets to ensure recovery in case of compromise.
6) Coordinate with Adobe for timely patch deployment once available, and consider temporary disabling of Illustrator file preview features in email clients or file explorers to reduce accidental triggering.
7) Use endpoint detection and response (EDR) tools to detect exploitation patterns specific to out-of-bounds memory reads and code execution attempts.

Technical Details

Data Version: 5.1
Assigner Short Name: adobe
Date Reserved: 2023-10-30T16:23:27.888Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682f6b520acd01a24926463f

Added to database: 5/22/2025, 6:22:10 PM

Last enriched: 7/8/2025, 8:12:20 AM

Last updated: 8/14/2025, 10:31:24 PM
