Vulnerability detail

Enriched intelligence for a single CVE

7.8

CVSS
High

CVE-2020-9715

PUBLISHED

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an...

1 day faster than CISA KEV

Exploited in the wild PoC available Low complexity

Vendor: Adobe
Product: Adobe Acrobat and Reader
Published: Aug 19, 2020
EPSS: 79.2% · 99% pctl

Automate this intelligence with the Pro API

Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.

Learn about Pro

Description

Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.30523 and earlier have an use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .

cisa

Weaknesses (CWE)

CWE-416

Use After Free

CVSS scores

CVSS v3.1 7.8 High

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2.0 9.3 High

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitation status

Exploited in the wild

Recorded 2026-06-01 13:30:34 UTC · CISA

Proof of concept available

Recorded 2022-01-10 08:23:05 UTC · GitHub

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
CVE First	2026-06-01 13:07 UTC
CISA	2026-06-02 14:02 UTC

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

wonjunchun/CVE-2020-9715

github · Created 2022-08-29 14:33:40 UTC · 0 stars

Adobe Acrobat Reader UAF vulnerability Exploit code

lsw29475/CVE-2020-9715

github · Created 2022-01-10 08:23:05 UTC · 5 stars

Timeline

CVE ID Reserved

2020-03-02 00:00 UTC
CVE Published to Public

2020-08-19 00:00 UTC
Proof of Concept Exploit Available

2022-01-10 08:23 UTC
Added to KEVIntel

2026-06-01 13:07 UTC
KEV confirmed by CISA

2026-06-02 14:02 UTC