Adobe has released a security update for Adobe Bridge for arbitrary code execution in the context of the current user.
Adobe has released a security update for Adobe Bridge. This update addresses critical and important vulnerabilities that could lead to arbitrary code execution in the context of the current user.
However, Successful exploitation of these vulnerabilities can lead to:
|Vulnerability Category||Vulnerability Impact||Severity||CVE Numbers|
|Out-of-bounds read||Information Disclosure||Important||CVE-2021-21091|
|Improper Authorization||Privilege Escalation||Important||CVE-2021-21096|
|Memory Corruption||Arbitrary code execution||Critical||CVE-2021-21093, CVE-2021-21092|
|Out-of-bounds write||Arbitrary code execution||Critical||CVE-2021-21094, CVE-2021-21095|
|Adobe Bridge||10.1.1 and earlier versions||Windows|
|Adobe Bridge||11.0.1 and earlier versions||Windows|
Certainly, Adobe recommends users to update their installation to the newest version via the Creative Cloud desktop app‘s update mechanism.
|Adobe Bridge||10.1.2||Windows and macOS|
|Adobe Bridge||11.0.2||Windows and macOS|