Adobe Monthly Security Update (May 2021)
Release Date:
12 May 2021
4821
Views
RISK: Extremely High Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe Experience Manager |  Medium Risk | Remote Code Execution Security Restriction Bypass | APSB21-15 | |
| Adobe InDesign | Medium Risk | Remote Code Execution | APSB21-22 | |
| Adobe Illustrator | Medium Risk | Remote Code Execution | APSB21-24 | |
| Adobe InCopy | Medium Risk | Remote Code Execution | APSB21-25 | |
| Adobe Genuine Service | Medium Risk | Elevation of Privilege | APSB21-27 | |
| Adobe Acrobat and Reader |  Extremely High Risk | Remote Code Execution Elevation of Privilege Information Disclosure | Exploit in the wild | APSB21-29 |
| Magento | Medium Risk | Remote Code Execution Information Disclosure Data Manipulation Security Restriction Bypass | APSB21-30 | |
| Adobe Creative Cloud Desktop Application | Medium Risk | Remote Code Execution Elevation of Privilege | APSB21-31 | |
| Adobe Media Encoder | Medium Risk | Remote Code Execution Elevation of Privilege | APSB21-32 | |
| Adobe After Effects | Medium Risk | Remote Code Execution | APSB21-33 | |
| Adobe Medium | Medium Risk | Remote Code Execution | APSB21-34 | |
| Adobe Animate | Medium Risk | Remote Code Execution Information Disclosure | APSB21-35 |
Number of 'Extremely High Risk' product(s): 1
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 11
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Extremely High Risk
Impact
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
- Elevation of Privilege
- Data Manipulation
System / Technologies affected
- Adobe Experience Manager 6.5.7.0 and earlier versions
- Adobe Experience Manager 6.4.8.3 and earlier versions
- Adobe Experience Manager 6.3.3.8 and earlier versions
- Adobe Experience Manager AEM Cloud Service (CS)
- Adobe InDesign 16.0 and earlier versions
- Adobe Illustrator 2021 25.2 and earlier versions
- Adobe InCopy 16.0 and earlier versions
- Adobe Genuine Service 7.1 and earlier versions
- Acrobat DC for Windows 2021.001.20150 and earlier versions
- Acrobat Reader DC for Windows 2021.001.20150 and earlier versions
- Acrobat DC for macOS 2021.001.20149 and earlier versions
- Acrobat Reader DC for macOS 2021.001.20149 and earlier versions
- Acrobat 2020 2020.001.30020 and earlier versions
- Acrobat Reader 2020 2020.001.30020 and earlier versions
- Acrobat 2017 2017.011.30194 and earlier versions
- Acrobat Reader 2017 2017.011.30194 and earlier versions
- Magento Commerce 2.4.2 and earlier versions
- Magento Commerce 2.4.1-p1 and earlier versions
- Magento Commerce 2.3.6-p1 and earlier versions
- Magento Open Source 2.4.2 and earlier versions
- Magento Open Source 2.4.1-p1 and earlier versions
- Magento Open Source 2.3.6-p1 and earlier versions
- Creative Cloud Desktop Application 5.3 and earlier versions
- Adobe Media Encoder 15.1 and earlier versions
- Adobe After Effects 18.1 and earlier versions
- Adobe Medium 2.4.5.331 and earlier versions
- Adobe Animate 21.0.5 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update
Vulnerability Identifier
Source
Related Link
Related Tags
Share with