CVE-2018-4878

high-risk
Published 2018-02-06

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018.

Do I need to act?

!
93.5% chance of exploitation in next 30 days
EPSS score — higher than 6% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
!
3 public exploits available
44412, 44744, 44745
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10 High
LOCAL / LOW complexity

Affected Products (7)

Affected Vendors

Redhat Adobe

References (30)

Technical Description http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html
Broken Link http://www.securityfocus.com/bid/102893
Broken Link http://www.securitytracker.com/id/1040318
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:0285
Third Party Advisory https://blog.morphisec.com/flash-exploit-cve-2018-4878-spotted-in-the-wild-massi...
Third Party Advisory https://github.com/InQuest/malware-samples/tree/master/CVE-2018-4878-Adobe-Flash...
Third Party Advisory https://github.com/vysec/CVE-2018-4878
Vendor Advisory https://helpx.adobe.com/security/products/flash-player/apsb18-03.html
Exploit https://securingtomorrow.mcafee.com/mcafee-labs/hackers-bypassed-adobe-flash-pro...
Third Party Advisory https://threatpost.com/adobe-flash-player-zero-day-spotted-in-the-wild/129742/
Press/Media Coverage https://www.darkreading.com/threat-intelligence/adobe-flash-vulnerability-reappe...
Exploit https://www.exploit-db.com/exploits/44412/
Third Party Advisory https://www.fireeye.com/blog/threat-research/2018/02/attacks-leveraging-adobe-ze...
Technical Description https://www.trendmicro.com/vinfo/us/security/news/vulnerabilities-and-exploits/n...
Technical Description http://blog.talosintelligence.com/2018/02/group-123-goes-wild.html
Broken Link http://www.securityfocus.com/bid/102893
Broken Link http://www.securitytracker.com/id/1040318
Third Party Advisory https://access.redhat.com/errata/RHSA-2018:0285
Third Party Advisory https://blog.morphisec.com/flash-exploit-cve-2018-4878-spotted-in-the-wild-massi...
Third Party Advisory https://github.com/InQuest/malware-samples/tree/master/CVE-2018-4878-Adobe-Flash...
and 10 more references
65
/ 100
high-risk
Severity 24/34 · High
Exploitability 27/34 · High
Exposure 14/34 · Moderate