BDU:2021-03281

BDU

HighConfirmedExploit available

Уязвимость программ просмотра PDF-файлов Adobe Reader Document Cloud, Adobe Reader и программ редактирования PDF-файлов Adobe Acrobat Docum…

CVSS

8.8

High

EPSS

0.00

Published

2021-01-01

Updated

2021-01-01

Description

Уязвимость программ просмотра PDF-файлов Adobe Reader Document Cloud, Adobe Reader и программ редактирования PDF-файлов Adobe Acrobat Document Cloud, Adobe Acrobat связана с записью за границами буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить ппроизвольный код в контексте текущего пользователя с помощью специально сформированного PDF-файла

Tags · CWE

Pre-auth

Affected products

Adobe systems inc. Adobe acrobat 2017Adobe systems inc. Adobe acrobat 2017Adobe systems inc. Adobe acrobat 2020Adobe systems inc. Adobe acrobat 2020Adobe systems inc. Adobe acrobat document cloudAdobe systems inc. Adobe acrobat document cloudAdobe systems inc. Adobe acrobat reader 2017Adobe systems inc. Adobe acrobat reader 2017Adobe systems inc. Adobe acrobat reader 2020Adobe systems inc. Adobe acrobat reader 2020Adobe systems inc. Adobe acrobat reader document cloudAdobe systems inc. Adobe acrobat reader document cloud

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Timeline

2021-01-01

Published

2021-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: R

Required (R)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: H

High (H)

Integrity Impact

I: H

High (H)

Availability Impact

A: H

High (H)

Exploit indicators

EPSS

0.000 · p0

Known exploited (KEV)

Known exploits — Сканер-ВС

CVE-2021-21086

github-poc · https://github.com/infobyte/Exploit-CVE-2021-21086

Enterprise

Affected products

Adobe

Adobe Acrobat Document Cloud Adobe Acrobat Reader Document Cloud Adobe Acrobat 2017 Adobe Acrobat Reader 2017 Adobe Acrobat Reader 2020 Adobe Acrobat 2020

Product	Vendor	Status
adobe acrobat 2017	adobe systems inc.	Tracked
adobe acrobat 2017	adobe systems inc.	Tracked
adobe acrobat 2020	adobe systems inc.	Tracked
adobe acrobat 2020	adobe systems inc.	Tracked
adobe acrobat document cloud	adobe systems inc.	Tracked
adobe acrobat document cloud	adobe systems inc.	Tracked
adobe acrobat reader 2017	adobe systems inc.	Tracked
adobe acrobat reader 2017	adobe systems inc.	Tracked
adobe acrobat reader 2020	adobe systems inc.	Tracked
adobe acrobat reader 2020	adobe systems inc.	Tracked
adobe acrobat reader document cloud	adobe systems inc.	Tracked
adobe acrobat reader document cloud	adobe systems inc.	Tracked

Source databases

BDU

Related vulnerabilities

CVE-2021-21086

External references

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-21086@https://helpx.adobe.com/security/products/acrobat/apsb21-29.html@https://www.cybersecurity-help.cz/vdb/SB2021021001