{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-27284/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.8,"id":"CVE-2026-27284"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["InDesign Desktop"],"_cs_severities":["high"],"_cs_tags":["cve-2026-27284","adobe-indesign","out-of-bounds-read","code-execution"],"_cs_type":"advisory","_cs_vendors":["Adobe"],"content_html":"\u003cp\u003eCVE-2026-27284 is an out-of-bounds read vulnerability affecting Adobe InDesign Desktop versions 20.5.2, 21.2, and earlier. The vulnerability occurs when the application parses a maliciously crafted file, potentially leading to a read operation beyond the allocated memory boundary. This could allow an attacker to execute arbitrary code with the privileges of the logged-on user. Successful exploitation of this vulnerability requires user interaction; a victim must open a specifically crafted InDesign file provided by the attacker. This vulnerability poses a risk to organizations where InDesign is used for processing potentially untrusted documents, such as in creative agencies or publishing houses. The report was published on 2026-04-14.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker crafts a malicious InDesign file designed to trigger the out-of-bounds read vulnerability.\u003c/li\u003e\n\u003cli\u003eThe attacker delivers the malicious file to a target user, potentially through email, shared storage, or a compromised website.\u003c/li\u003e\n\u003cli\u003eThe user opens the malicious InDesign file using a vulnerable version of Adobe InDesign (20.5.2, 21.2 or earlier).\u003c/li\u003e\n\u003cli\u003eInDesign attempts to parse the crafted file, which contains malformed data structures designed to trigger the vulnerability.\u003c/li\u003e\n\u003cli\u003eDuring parsing, InDesign attempts to read data beyond the allocated buffer, triggering the out-of-bounds read.\u003c/li\u003e\n\u003cli\u003eThe out-of-bounds read leads to an exploitable condition, such as overwriting a return address or other critical data in memory.\u003c/li\u003e\n\u003cli\u003eThe attacker gains control of the program counter and executes arbitrary code in the context of the current user.\u003c/li\u003e\n\u003cli\u003eThe attacker can then perform malicious actions such as installing malware, stealing sensitive data, or gaining persistent access to the system.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-27284 allows an attacker to execute arbitrary code in the context of the logged-on user. This can lead to the complete compromise of the affected system, including data theft, malware installation, and potentially lateral movement within the network. The impact is significant, especially in environments where InDesign is used to handle sensitive information or as part of critical workflows. If successful, attackers could potentially compromise intellectual property, customer data, or other confidential information.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the security update provided by Adobe to address CVE-2026-27284 (reference: \u003ca href=\"https://helpx.adobe.com/security/products/indesign/apsb26-32.html)\"\u003ehttps://helpx.adobe.com/security/products/indesign/apsb26-32.html)\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule to detect suspicious InDesign process behavior indicative of exploitation (see rules below).\u003c/li\u003e\n\u003cli\u003eEducate users about the risks of opening untrusted or unexpected files, especially from external sources.\u003c/li\u003e\n\u003cli\u003eMonitor process creation events for InDesign spawning child processes or accessing unusual network resources.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-02T12:00:00Z","date_published":"2024-01-02T12:00:00Z","id":"https://feed.craftedsignal.io/briefs/2024-01-02-indesign-oob-read/","summary":"Adobe InDesign Desktop versions 20.5.2, 21.2 and earlier are vulnerable to an out-of-bounds read (CVE-2026-27284) when parsing a crafted file, potentially leading to code execution if a user opens a malicious file.","title":"Adobe InDesign Out-of-Bounds Read Vulnerability (CVE-2026-27284)","url":"https://feed.craftedsignal.io/briefs/2024-01-02-indesign-oob-read/"}],"language":"en","title":"CraftedSignal Threat Feed - Cve-2026-27284","version":"https://jsonfeed.org/version/1.1"}