In March 2018 ESET detected attacks using two zero-day vulnerabilities in Microsoft win32k.sys driver (CVE-2018-8120) and and Adobe Acrobat.
JS/Exploit.Pdfka.QNV trojan (ESET)
Vulnerability details
Advisory: SB2018051506 - Multiple vulnerabilities in Adobe Reader and Acrobat
Vulnerable component: Adobe Acrobat
CVE-ID: CVE-2018-4990
CVSSv3 score: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C
CWE-ID: CWE-415 - Double Free
Description:
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to double free memory error when handling malicious input. A remote attacker can trick the victim into opening a specially crafted .pdf file and execute arbitrary code with privileges of the current user.