Adobe has released a security update for Adobe Bridge for arbitrary code execution in the context of the current user.
Vulnerability Description
Adobe has released a security update for Adobe Bridge. This update addresses critical and important vulnerabilities that could lead to arbitrary code execution in the context of the current user.
However, Successful exploitation of these vulnerabilities can lead to:
Vulnerability Category | Vulnerability Impact | Severity | CVE Numbers |
Out-of-bounds read | Information Disclosure | Important | CVE-2021-21091 |
Improper Authorization | Privilege Escalation | Important | CVE-2021-21096 |
Memory Corruption | Arbitrary code execution | Critical | CVE-2021-21093, CVE-2021-21092 |
Out-of-bounds write | Arbitrary code execution | Critical | CVE-2021-21094, CVE-2021-21095 |
Affected Versions
Product | Version | Platform |
---|---|---|
Adobe Bridge | 10.1.1 and earlier versions | Windows |
Adobe Bridge | 11.0.1 and earlier versions | Windows |
Security Recommendation
Certainly, Adobe recommends users to update their installation to the newest version via the Creative Cloud desktop app‘s update mechanism.
Product | Version | Platform |
Adobe Bridge | 10.1.2 | Windows and macOS |
Adobe Bridge | 11.0.2 | Windows and macOS |
Reference
https://helpx.adobe.com/security/products/bridge/apsb21-23.html
Leave A Comment