CVE-2020-3760
CRITICALAdobe Digital Editions <4.5.10 - Command Injection
Title source: llmDescription
Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://helpx.adobe.com/security/products/Digital-Editions/apsb20-07.html
Scores
CVSS v3
9.8
EPSS
0.0715
EPSS Percentile
93.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-77
Status
published
Products (1)
adobe/digital_editions
< 4.5.10
Published
Feb 13, 2020
Tracked Since
Feb 18, 2026