<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Aptos;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:12.0pt;
font-family:"Aptos",sans-serif;
mso-ligatures:standardcontextual;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#467886;
text-decoration:underline;}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Aptos",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;
mso-ligatures:none;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1047144304;
mso-list-template-ids:1702525518;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1
{mso-list-id:1574506292;
mso-list-template-ids:-428577658;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2
{mso-list-id:1836605445;
mso-list-template-ids:-93546164;}
@list l2:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l2:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3
{mso-list-id:1879465739;
mso-list-template-ids:92831980;}
@list l3:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l3:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#467886" vlink="#96607D" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Good afternoon,<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">The SOC Services team is reporting on the vulnerability: CVE-2020-9715 affecting Adobe Acrobat and Reader products across Windows and macOS platforms. Because this
flaw has been confirmed to be exploited in the wild and is listed in the CISA KEV catalog, we are providing this in-depth information.<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;background:white">
<b><u><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">History:</span></u></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"> Adobe published a security bulletin on
August 11, 2020, and<b><u> </u></b>NIST published this CVE on August 19, 2020, following disclosure by Adobe. The CVSS v3.x base score is 7.8 (High) reported by NIST and CISA-ADP.<o:p></o:p></span></p>
<p class="MsoNormal" style="background:white"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Affected Versions<o:p></o:p></span></b></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:black;mso-list:l0 level1 lfo1;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Acrobat DC / Acrobat Reader DC (Continuous) versions 2020.009.20074 and earlier<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l0 level1 lfo1;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Acrobat 2020 / Acrobat Reader 2020 (Classic) version 20.001.30002<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l0 level1 lfo1;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Acrobat 2017 / Acrobat Reader 2017 versions 2017.011.30171 and earlier<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l0 level1 lfo1;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Desktop versions 2015.006.30523 and earlier<o:p></o:p></span></li></ul>
<p class="MsoNormal" style="background:white"><b><span style="mso-ligatures:none"><o:p> </o:p></span></b></p>
<p class="MsoNormal" style="background:white"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Fixed Versions<o:p></o:p></span></b></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:black;mso-list:l1 level1 lfo2;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Acrobat DC / Acrobat Reader DC (Continuous) version 2020.012.20041 or later<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l1 level1 lfo2;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Acrobat 2020 (Classic) version 2020.001.30005 or later<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l1 level1 lfo2;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Acrobat 2017 (Classic) version 2017.011.30175 or later<o:p></o:p></span></li></ul>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Adobe Acrobat and Reader contain a use-after-free vulnerability that occurs during the processing of certain objects within PDF documents. Successful exploitation
could lead to arbitrary code execution in the context of the current user<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Vendor Advisory: <a href="https://helpx.adobe.com/security/products/acrobat/apsb20-48.html"><span style="color:black">APSB20-48: Security Updates Available for Adobe
Acrobat and Reader</span></a><o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;background:white">
<b><u><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Intelligence:</span></u></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"> On April 13, 2026, CISA confirmed
the vulnerability and has posted it in the Known Exploited Vulnerabilities Catalog.<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;background:white">
<b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Exploitability Level:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"> Local Exploitability<br>
<b>Complexity:</b> Low<br>
<b>User Interaction:</b> Required<br>
<b>Remotely Exploitable:</b> No<br>
<b>Proof of Concept: </b>Yes<br>
<b>Zero Day:</b> No<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;background:white">
<b><u><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Workarounds:</span></u></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"> Disable JavaScript execution via
Edit > Preferences > JavaScript and uncheck 'Enable Acrobat JavaScript'; Enable Protected View for all files via Edit > Preferences > Security (Enhanced)<o:p></o:p></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;background:white">
<b><u><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">How it Works:</span></u></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"> The vulnerability is a memory corruption
flaw (CWE-416) triggered when the application handles ESObject objects. An attacker can craft a malicious PDF that manipulates the heap layout to place controlled data in a freed memory region<o:p></o:p></span></p>
<p class="MsoNormal" style="background:white"><b><u><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Post-Exploit Impact:<o:p></o:p></span></u></b></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:black;mso-list:l2 level1 lfo3;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Arbitrary Code Execution (CWE:416)<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l2 level1 lfo3;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Complete System Compromise (CWE:416)<o:p></o:p></span></li></ul>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;background:white">
<b><u><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Indicators of Compromise (IoCs):<o:p></o:p></span></u></b></p>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="1242" style="width:931.2pt;background:white;border-collapse:collapse">
<tbody>
<tr>
<td width="126" style="width:94.2pt;border:solid #CCCCCC 1.0pt;background:#F2F2F2;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Type<o:p></o:p></span></b></p>
</td>
<td width="508" style="width:380.8pt;border:solid #CCCCCC 1.0pt;border-left:none;background:#F2F2F2;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Value<o:p></o:p></span></b></p>
</td>
<td width="608" style="width:456.2pt;border:solid #CCCCCC 1.0pt;border-left:none;background:#F2F2F2;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Description / Notes<o:p></o:p></span></b></p>
</td>
</tr>
<tr>
<td width="126" style="width:94.2pt;border:solid #CCCCCC 1.0pt;border-top:none;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Process Behavior<o:p></o:p></span></b></p>
</td>
<td width="508" style="width:380.8pt;border-top:none;border-left:none;border-bottom:solid #CCCCCC 1.0pt;border-right:solid #CCCCCC 1.0pt;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Acrobat.exe / AcroRd32.exe<o:p></o:p></span></p>
</td>
<td width="608" style="width:456.2pt;border-top:none;border-left:none;border-bottom:solid #CCCCCC 1.0pt;border-right:solid #CCCCCC 1.0pt;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Unexpected crashes or spawning of suspicious child processes<o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;background:white">
<b><u><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Tenable Plugins:</span></u></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"> As of April 13, 2026, Tenable
has the following plugins available for this KEV.<o:p></o:p></span></p>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="1241" style="width:931.1pt;background:white;border-collapse:collapse">
<tbody>
<tr>
<td width="126" style="width:94.2pt;border:solid windowtext 1.0pt;background:#F2F2F2;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Plugin ID<o:p></o:p></span></b></p>
</td>
<td width="828" style="width:620.9pt;border:solid windowtext 1.0pt;border-left:none;background:#F2F2F2;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Plugin Title<o:p></o:p></span></b></p>
</td>
<td width="84" style="width:63.0pt;border:solid windowtext 1.0pt;border-left:none;background:#F2F2F2;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Severity<o:p></o:p></span></b></p>
</td>
<td width="204" valign="top" style="width:153.0pt;border:solid windowtext 1.0pt;border-left:none;background:#F2F2F2;padding:.75pt .75pt .75pt .75pt">
<p class="MsoNormal" align="center" style="text-align:center"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Platform<o:p></o:p></span></b></p>
</td>
</tr>
<tr>
<td width="126" style="width:94.2pt;border:solid windowtext 1.0pt;border-top:none;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"><a href="https://www.tenable.com/plugins/nessus/139578">139578</a><o:p></o:p></span></b></p>
</td>
<td width="828" style="width:620.9pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Adobe Acrobat < 2015.006.30527 / 2017.011.30175 / 2020.001.30005 / 2020.012.20041 Multiple Vulnerabilities
(APSB20-48) (macOS)<o:p></o:p></span></p>
</td>
<td width="84" valign="top" style="width:63.0pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">High</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"><o:p></o:p></span></p>
</td>
<td width="204" valign="top" style="width:153.0pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;background:transparent;padding:.75pt .75pt .75pt .75pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Nessus</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"><o:p></o:p></span></p>
</td>
</tr>
<tr>
<td width="126" style="width:94.2pt;border:solid windowtext 1.0pt;border-top:none;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"><a href="https://www.tenable.com/plugins/nessus/139579">139579</a><o:p></o:p></span></b></p>
</td>
<td width="828" style="width:620.9pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Adobe Reader < 2015.006.30527 / 2017.011.30175 / 2020.001.30005 / 2020.012.20041 Multiple Vulnerabilities
(APSB20-48) (macOS)<o:p></o:p></span></p>
</td>
<td width="84" valign="top" style="width:63.0pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">High</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"><o:p></o:p></span></p>
</td>
<td width="204" valign="top" style="width:153.0pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;background:transparent;padding:.75pt .75pt .75pt .75pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Nessus</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"><o:p></o:p></span></p>
</td>
</tr>
<tr>
<td width="126" style="width:94.2pt;border:solid windowtext 1.0pt;border-top:none;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"><a href="https://www.tenable.com/plugins/nessus/139580">139580</a><o:p></o:p></span></b></p>
</td>
<td width="828" style="width:620.9pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Adobe Acrobat < 2015.006.30527 / 2017.011.30175 / 2020.001.30005 / 2020.012.20041 Multiple Vulnerabilities
(APSB20-48)<o:p></o:p></span></p>
</td>
<td width="84" valign="top" style="width:63.0pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">High</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"><o:p></o:p></span></p>
</td>
<td width="204" valign="top" style="width:153.0pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;background:transparent;padding:.75pt .75pt .75pt .75pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Nessus</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"><o:p></o:p></span></p>
</td>
</tr>
<tr>
<td width="126" style="width:94.2pt;border:solid windowtext 1.0pt;border-top:none;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"><a href="https://www.tenable.com/plugins/nessus/139581">139581</a><o:p></o:p></span></b></p>
</td>
<td width="828" style="width:620.9pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Adobe Reader < 2015.006.30527 / 2017.011.30175 / 2020.001.30005 / 2020.012.20041 Multiple Vulnerabilities
(APSB20-48)<o:p></o:p></span></p>
</td>
<td width="84" valign="top" style="width:63.0pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:6.0pt 6.0pt 6.0pt 6.0pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">High</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"><o:p></o:p></span></p>
</td>
<td width="204" valign="top" style="width:153.0pt;border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;background:transparent;padding:.75pt .75pt .75pt .75pt">
<p class="MsoNormal" align="center" style="text-align:center"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif">Nessus</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"><o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;background:white">
<b><u><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Recommended Actions:<o:p></o:p></span></u></b></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;background:white">
<b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none">Date Added to KEV Catalog:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black;mso-ligatures:none"> April 13, 2026<br>
<b>Due Date for Remediation:</b> April 27, 2026<o:p></o:p></span></p>
<ul type="disc">
<li class="MsoNormal" style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l3 level1 lfo4;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Prioritize the deployment of Adobe security updates across all workstations<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l3 level1 lfo4;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Standardize the 'Protected View' configuration via Group Policy<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l3 level1 lfo4;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Verify host has not been compromised before applying patches.<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l3 level1 lfo4;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Apply appropriate updates provided by the vendor to vulnerable systems after testing.<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l3 level1 lfo4;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Run all software as a non-privileged user to reduce the impact of a successful attack.<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l3 level1 lfo4;background:white">
<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;mso-ligatures:none">Apply the Principle of Least Privilege to all systems and services.<o:p></o:p></span></li></ul>
<p class="MsoNormal"><o:p> </o:p></p>
<table class="MsoNormalTable" border="0" cellspacing="0" cellpadding="0" width="702" style="width:526.5pt;border-collapse:collapse">
<tbody>
<tr style="height:63.0pt">
<td width="118" valign="top" style="width:88.35pt;padding:0in 4.65pt 0in 4.65pt;height:63.0pt">
<p class="MsoNormal" style="line-height:105%"><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;color:#1F497D;mso-ligatures:none;mso-fareast-language:ZH-CN"><img border="0" width="121" height="87" style="width:1.2604in;height:.9062in" id="Picture_x0020_4" src="cid:image001.png@01DCCB4C.41801BA0"></span><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;color:#1F497D;mso-ligatures:none;mso-fareast-language:ZH-CN"><o:p></o:p></span></p>
</td>
<td width="493" valign="top" style="width:369.65pt;padding:0in 4.65pt 0in 4.65pt;height:63.0pt">
<p class="MsoNormal" style="line-height:105%"><b><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;mso-ligatures:none;mso-fareast-language:ZH-CN">Cyber Security Services<o:p></o:p></span></b></p>
<p class="MsoNormal" style="line-height:105%"><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;mso-ligatures:none;mso-fareast-language:ZH-CN">State of Oregon Cyber Security Services<o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:105%"><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;mso-ligatures:none;mso-fareast-language:ZH-CN">Enterprise Information Services | SOC<o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:105%"><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;mso-ligatures:none;mso-fareast-language:ZH-CN">Cyber Security Services (CSS)<o:p></o:p></span></p>
<p class="MsoNormal" style="line-height:105%"><span style="font-size:11.0pt;line-height:105%;font-family:"Calibri",sans-serif;mso-ligatures:none;mso-fareast-language:ZH-CN">SOC Hotline: (503) 378-5930 | SOC Services (503) 373-0378<span style="color:#1F497D"><o:p></o:p></span></span></p>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>