Fortinet Discovers Adobe Animate Arbitrary Code Execution Vulnerability
Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in Adobe Animate.
Adobe Animate is a multimedia authoring and computer animation program. It is used to design vector graphics and animation for television programs, online video, websites, web applications, rich internet applications, and video games.
An out-of-bounds write vulnerability has been discovered in Adobe Animate by FortiGuard Labs. The vulnerability exists because the vulnerable software can't correctly parse a crafted FLA file. The successful exploit of this vulnerability could allow malicious users to create code execution scenarios.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Dec 28, 2020
Apply the solution provided by Adobe.
Fortinet reported the vulnerability to Adobe on December 17, 2020.
Adobe patched the vulnerability on February 9, 2021.