{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/indesign/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.8,"id":"CVE-2026-27283"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["InDesign"],"_cs_severities":["high"],"_cs_tags":["cve-2026-27283","adobe","indesign","use-after-free","execution"],"_cs_type":"advisory","_cs_vendors":["Adobe"],"content_html":"\u003cp\u003eCVE-2026-27283 is a use-after-free vulnerability affecting Adobe InDesign Desktop versions 20.5.2, 21.2, and earlier. This vulnerability can be exploited when a user opens a malicious InDesign file. Successful exploitation could lead to arbitrary code execution within the context of the current user. The vulnerability was reported to Adobe and assigned a CVSS v3.1 base score of 7.8, indicating a high severity. This vulnerability requires user interaction. The report highlights that a victim must open a malicious file for the exploitation to occur. Organizations utilizing vulnerable versions of InDesign should take appropriate actions to mitigate this risk.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eAttacker crafts a malicious Adobe InDesign file designed to trigger the use-after-free vulnerability.\u003c/li\u003e\n\u003cli\u003eThe attacker delivers the malicious InDesign file to the victim via email or other file-sharing methods.\u003c/li\u003e\n\u003cli\u003eThe victim, unaware of the malicious nature, opens the crafted InDesign file using a vulnerable version of Adobe InDesign Desktop (20.5.2, 21.2, or earlier).\u003c/li\u003e\n\u003cli\u003eInDesign attempts to access a memory location that has already been freed, triggering the use-after-free condition.\u003c/li\u003e\n\u003cli\u003eThe attacker gains control of the program counter due to the memory corruption.\u003c/li\u003e\n\u003cli\u003eThe attacker injects and executes arbitrary code within the context of the InDesign process.\u003c/li\u003e\n\u003cli\u003eThe attacker escalates privileges or performs malicious actions such as installing malware, stealing data, or compromising the system.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-27283 allows for arbitrary code execution within the context of the user running Adobe InDesign. This could allow an attacker to install programs, view, change, or delete data, or create new accounts with full user rights. The vulnerability affects Adobe InDesign Desktop users, potentially impacting creative professionals and organizations that rely on InDesign for their workflows. The vulnerability requires user interaction to trigger.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026quot;Detect InDesign Suspicious File Opens\u0026quot; to identify potential attempts to exploit CVE-2026-27283 by monitoring process creation events related to InDesign opening files (see rules).\u003c/li\u003e\n\u003cli\u003eEducate users about the risks of opening files from untrusted sources and the importance of verifying the legitimacy of InDesign files before opening them.\u003c/li\u003e\n\u003cli\u003eMonitor file creation events for InDesign processes creating suspicious files (see rules).\u003c/li\u003e\n\u003cli\u003eRefer to Adobe's security bulletin APSB26-32 for official guidance and updates regarding CVE-2026-27283 (references).\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-03T12:00:00Z","date_published":"2024-01-03T12:00:00Z","id":"https://feed.craftedsignal.io/briefs/2024-01-03-adobe-indesign-uaf/","summary":"Adobe InDesign Desktop versions 20.5.2, 21.2 and earlier are susceptible to a use-after-free vulnerability (CVE-2026-27283), potentially leading to arbitrary code execution if a user opens a specially crafted file.","title":"Adobe InDesign Use-After-Free Vulnerability (CVE-2026-27283)","url":"https://feed.craftedsignal.io/briefs/2024-01-03-adobe-indesign-uaf/"}],"language":"en","title":"CraftedSignal Threat Feed - Indesign","version":"https://jsonfeed.org/version/1.1"}