CVE-2023-21608 PoC — Adobe Acrobat Reader DC resetForm Use-After-Free Remote Code Execution Vulnerability

Source

Associated Vulnerability

Description

Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit

Readme

# CVE-2023-21608

[![Twitter Follow](https://img.shields.io/twitter/follow/HackSysTeam?style=social)](https://twitter.com/HackSysTeam)
[![Mastodon Follow](https://img.shields.io/mastodon/follow/109291325205105061?domain=https%3A%2F%2Finfosec.exchange&style=social)](https://infosec.exchange/@hacksysteam)
[![Discord Server](https://dcbadge.vercel.app/api/server/ns32uNhaq7?style=flat)](https://discord.com/invite/ns32uNhaq7)

This bug was `Use after Free` which was caused during `resetForm` operation while handling object memory references.

## Blog

-   [Adobe Acrobat Reader - resetForm - CAgg UaF - RCE Exploit - CVE-2023-21608](https://hacksys.io/blogs/adobe-reader-resetform-cagg-rce-cve-2023-21608)

## Advisory

-   [CVE-2023-21608](https://hacksys.io/advisories/HI-2022-006)

## Demo

[![Adobe Acrobat Reader DC - UaF - Remote Code Execution - CVE-2023-21608](https://img.youtube.com/vi/cguBkC0opXk/0.jpg)](https://www.youtube.com/watch?v=cguBkC0opXk)

File Snapshot

 [4.0K]  /data/pocs/9eb8f3f7428f00ad3d2010fb10329a635d9f0e27
├── [1.1K]  crash.js
├── [2.8K]  crash.pdf
├── [ 11K]  exploit.js
├── [ 13K]  exploit.pdf
├── [ 34K]  LICENSE
└── [ 962]  README.md

0 directories, 6 files

Remarks