CVE-2013-3346 Adobe CVE debrief

Who should care

Organizations that use Adobe Reader or Acrobat, especially on endpoints where users regularly open PDF files or where patching is centrally managed.

Technical summary

The available official source material identifies the issue as a memory corruption vulnerability in Adobe Reader and Acrobat. The CISA KEV record marks it as a known exploited vulnerability and directs defenders to apply updates per vendor instructions. No further technical details are provided in the supplied corpus.

Defensive priority

High. CISA has listed this CVE in the Known Exploited Vulnerabilities catalog, which indicates known exploitation and a need for prompt remediation.

Recommended defensive actions

• Apply Adobe updates according to vendor instructions as soon as possible.
• Confirm all Reader and Acrobat installations are inventoried and included in patch management.
• Verify remediation on managed endpoints after updating.
• Track this CVE in vulnerability management and exception workflows until fully remediated.

Evidence notes

The supplied CISA KEV metadata identifies the vulnerability name as Adobe Reader and Acrobat Memory Corruption Vulnerability, marks it as a known exploited vulnerability, and specifies Apply updates per vendor instructions. The provided timeline shows dateAdded 2022-03-03 and dueDate 2022-03-24. The official references supplied are the CVE record, NVD detail page, and CISA KEV catalog.

Official resources