Rapid7 Vulnerability & Exploit Database

Adobe Acrobat: APSB21-09 (CVE-2021-21041): Security update available for Adobe Acrobat and Reader | APSB21-09

Back to Search

Adobe Acrobat: APSB21-09 (CVE-2021-21041): Security update available for Adobe Acrobat and Reader | APSB21-09

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
02/09/2021
Created
02/10/2021
Added
02/10/2021
Modified
03/19/2021

Description

Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Solution(s)

  • adobe-acrobat-dc-upgrade-21-001-20135-macosx
  • adobe-acrobat-dc-upgrade-21-001-20135-windows
  • adobe-acrobat-reader-dc-upgrade-21-001-20135-macosx
  • adobe-acrobat-reader-dc-upgrade-21-001-20135-windows
  • adobe-acrobat-reader-upgrade-2017-011-30190-macosx
  • adobe-acrobat-reader-upgrade-2017-011-30190-windows
  • adobe-acrobat-reader-upgrade-2020-001-30020-macosx
  • adobe-acrobat-reader-upgrade-2020-001-30020-windows
  • adobe-acrobat-upgrade-2017-011-30190-macosx
  • adobe-acrobat-upgrade-2017-011-30190-windows
  • adobe-acrobat-upgrade-2020-001-30020-macosx
  • adobe-acrobat-upgrade-2020-001-30020-windows

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;