CVE-2024-20709 MEDIUM

CVE-2024-20709: New Edge T5 MSRC Case [DCMSFT-1081]

Vendor Adobe

Product Acrobat for Edge

Weakness CWE-20 · Input validation

Published January 15, 2024

Last update June 17, 2025

View on NVD All CVEs

CVSS base score

5.5/10

Attack vector Local

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality None

Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Key dates

02Disclosure timeline

January 15, 2024 CVE published

June 17, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-20709 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

CVE-2024-20709: New Edge T5 MSRC Case [DCMSFT-1081]

01Description

02Disclosure timeline

03References

04Related CVE