Skip to main content

Adobe Monthly Security Update (May 2021)

Release Date: 12 May 2021 1933 Views

RISK: Extremely High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

Adobe has released monthly security update for their products:

 

Vulnerable ProductRisk LevelImpactsNotesDetails (including CVE)
Adobe Experience ManagerMedium Risk Medium RiskRemote Code Execution
Security Restriction Bypass
 APSB21-15
Adobe InDesignMedium Risk Medium RiskRemote Code Execution APSB21-22
Adobe IllustratorMedium Risk Medium RiskRemote Code Execution APSB21-24
Adobe InCopyMedium Risk Medium RiskRemote Code Execution APSB21-25
Adobe Genuine ServiceMedium Risk Medium RiskElevation of Privilege APSB21-27
Adobe Acrobat and ReaderExtremely High Risk Extremely High RiskRemote Code Execution
Elevation of Privilege
Information Disclosure

Exploit in the wild

CVE-2021-28550

APSB21-29
MagentoMedium Risk Medium RiskRemote Code Execution
Information Disclosure
Data Manipulation
Security Restriction Bypass
 APSB21-30
Adobe Creative Cloud Desktop ApplicationMedium Risk Medium RiskRemote Code Execution
Elevation of Privilege
 APSB21-31
Adobe Media EncoderMedium Risk Medium RiskRemote Code Execution
Elevation of Privilege
 APSB21-32
Adobe After EffectsMedium Risk Medium RiskRemote Code Execution APSB21-33
Adobe MediumMedium Risk Medium RiskRemote Code Execution APSB21-34
Adobe AnimateMedium Risk Medium RiskRemote Code Execution
Information Disclosure
 APSB21-35

 

Number of 'Extremely High Risk' product(s): 1

Number of 'High Risk' product(s): 0

Number of 'Medium Risk' product(s): 11

Number of 'Low Risk' product(s): 0

Evaluation of overall 'Risk Level': Extremely High Risk


Impact

  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure
  • Elevation of Privilege
  • Data Manipulation

System / Technologies affected

  • Adobe Experience Manager 6.5.7.0 and earlier versions
  • Adobe Experience Manager 6.4.8.3 and earlier versions
  • Adobe Experience Manager 6.3.3.8 and earlier versions
  • Adobe Experience Manager AEM Cloud Service (CS)
  • Adobe InDesign 16.0 and earlier versions
  • Adobe Illustrator 2021 25.2 and earlier versions
  • Adobe InCopy  16.0 and earlier versions
  • Adobe Genuine Service 7.1 and earlier versions
  • Acrobat DC for Windows 2021.001.20150 and earlier versions
  • Acrobat Reader DC for Windows 2021.001.20150 and earlier versions
  • Acrobat DC for macOS 2021.001.20149 and earlier versions
  • Acrobat Reader DC for macOS 2021.001.20149 and earlier versions
  • Acrobat 2020 2020.001.30020 and earlier versions
  • Acrobat Reader 2020 2020.001.30020 and earlier versions
  • Acrobat 2017 2017.011.30194 and earlier versions
  • Acrobat Reader 2017 2017.011.30194 and earlier versions
  • Magento Commerce 2.4.2 and earlier versions
  • Magento Commerce 2.4.1-p1 and earlier versions
  • Magento Commerce 2.3.6-p1 and earlier versions
  • Magento Open Source 2.4.2 and earlier versions
  • Magento Open Source 2.4.1-p1 and earlier versions
  • Magento Open Source 2.3.6-p1 and earlier versions
  • Creative Cloud Desktop Application 5.3 and earlier versions
  • Adobe Media Encoder 15.1 and earlier versions
  • Adobe After Effects 18.1 and earlier versions
  • Adobe Medium 2.4.5.331 and earlier versions
  • Adobe Animate 21.0.5 and earlier versions

Solutions

Before installation of the software, please visit the vendor web-site for more details.

  • Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update

Vulnerability Identifier


Source


Related Link