Technical Severity
HIGH
CVSS v3.1 Metrics
7.8
/ 10
Minimal Risk
Critical
Vector Specification
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitation Likelihood
EPSS Prediction
92.55
%
Predictive Probability
Percentile Rank
99.7
th
Documented as more likely to be exploited than 99.7% of known CVEs.
Detection Date
Mar 03, 2022
Remediation Due
Mar 24, 2022
CISA Catalog Active
Threat Analysis
An memory corruption vulnerability exists in the acroform.dll in Adobe Reader that allows an attacker to perform remote code execution.
Remediation Directive
Apply updates per vendor instructions.