Adobe has released a security update for Adobe InDesign. This update addresses critical and important vulnerabilities that could lead to memory exposure, arbitrary code execution, and application denial-of-service.
Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates.
Adobe categorizes these updates with the following priority rating and recommends users update their software installations via the Creative Cloud desktop app updater, or by navigating to the InDesign Help menu and clicking "Updates." For more information, please reference this help page.
20.5.221.2Exploitability
AV:LAC:LPR:NUI:RScope
S:UImpact
C:HI:HA:H7.8/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H