Table of Contents
December 27, 2021
|5m
Identify And Fix Your Adobe Products Affected With Multiple Vulnerabilities
Previous week, Abode reported a long list of vulnerabilities from low to Critical on their multiple products. The report says that flaws have affected both the Windows and mac platform. We urge you to find and fix the vulnerable adobe products in your system and apply the patch as soon as possible. Go through this post to identify and fix your Adobe products affected with multiple vulnerabilities.
Impact of These Vulnerabilities:
Research says that these vulnerabilities could allow an attacker to carry out multiple cyber attacks on the vulnerable Adobe products which lead to data exfiltration, information discloser, and compromise the system. If you don’t find the Adobe products affected with these vulnerabilities and fix then up. You may become a victim of privilege escalation, remote code execution, arbitrary code execution, cross-site-scripting, and denial of service attacks.
List of Adobe Products Affected with Multiple Vulnerabilities:
Here is the list of vulnerable Adobe Products and its versions. Check our your Adobe Product out of this list and fix the flaws as soon as you can.
| Adobe Product | Affected Versions | Vulnerabilities |
| Adobe Premiere Rush | 1.5.16 and prior | CVE-2021-40783CVE-2021-40784CVE-2021-43021CVE-2021-43022CVE-2021-43023CVE-2021-43024CVE-2021-43025CVE-2021-43026CVE-2021-43028CVE-2021-43029CVE-2021-43030CVE-2021-43746CVE-2021-43747CVE-2021-43748CVE-2021-43749CVE-2021-43750 |
| Adobe Experience Manager | AEM Cloud Service (CS)6.5.10.0 and prior | CVE-2021-43761CVE-2021-40722CVE-2021-43762CVE-2021-43764CVE-2021-43765CVE-2021-44176CVE-2021-44177CVE-2021-44178 |
| Adobe Connect | 11.3 and prior | CVE-2021-43014 |
| Photoshop 2021 | 22.5.3 and prior | CVE-2021-43018CVE-2021-43020CVE-2021-44184 |
| Photoshop 2022 | 23.0.2 and prior | CVE-2021-43018CVE-2021-43020CVE-2021-44184 |
| Adobe Prelude | 22.0 and prior | CVE-2021-43754CVE-2021-44696 |
| Adobe After Effects | 18.4.2 and prior | CVE-2021-43755CVE-2021-44188CVE-2021-44189CVE-2021-44190CVE-2021-44191CVE-2021-44192CVE-2021-44193CVE-2021-44194CVE-2021-44195CVE-2021-43027 |
| Adobe Dimension | 3.4.3 and prior | CVE-2021-43763CVE-2021-44179CVE-2021-44180CVE-2021-44181CVE-2021-44182CVE-2021-44183 |
| Adobe Premiere Pro | 15.4.2 and prior | CVE-2021-43751CVE-2021-40790CVE-2021-40791CVE-2021-40795CVE-2021-42265 |
| Adobe Media Encoder | 15.4.2 and prior | CVE-2021-43756CVE-2021-43757CVE-2021-43758CVE-2021-43759CVE-2021-43760 |
| Lightroom | 4.4 and prior | CVE-2021-43753 |
| Adobe Audition version | 14.4 and prior | CVE-2021-44697CVE-2021-44698CVE-2021-44699 |
Summary of Vulnerabilities Affects Adobe Products:
| Vulnerabilities | Vulnerability Impact | CVSS Score | Severity | CVSS Vector |
| CVE-2021-40783 | Arbitrary Code Execution | Critical | ||
| CVE-2021-40784 | Arbitrary Code Execution | Critical | ||
| CVE-2021-43021 | Arbitrary code execution | Critical | ||
| CVE-2021-43022 | Arbitrary code execution | Critical | ||
| CVE-2021-43023 | Arbitrary code execution | Critical | ||
| CVE-2021-43024 | Application denial-of-service | Important | ||
| CVE-2021-43025 | Arbitrary code execution | Critical | ||
| CVE-2021-43026 | Arbitrary code execution | Critical | ||
| CVE-2021-43028 | Arbitrary code execution | Critical | ||
| CVE-2021-43029 | Arbitrary code execution | Critical | ||
| CVE-2021-43030 | Privilege escalation | Important | ||
| CVE-2021-43746 | Arbitrary code execution | Critical | ||
| CVE-2021-43747 | Arbitrary code execution | Critical | ||
| CVE-2021-43748 | Application denial-of-service | Important | ||
| CVE-2021-43749 | Application denial-of-service | Important | ||
| CVE-2021-43750 | Application denial-of-service | Important | ||
| CVE-2021-43761 | Arbitrary code execution | 8 | Critical | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
| CVE-2021-40722 | Arbitrary code execution | 9.8 | Critical | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| CVE-2021-43762 | Security feature bypass | 6.5 | Important | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
| CVE-2021-43764 | Arbitrary code execution | 8 | Critical | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
| CVE-2021-43765 | Arbitrary code execution | 8.1 | Critical | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N |
| CVE-2021-44176 | Arbitrary code execution | 8.1 | Critical | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N |
| CVE-2021-44177 | Arbitrary code execution | 8.1 | Critical | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N |
| CVE-2021-44178 | Arbitrary code execution | 5.4 | Important | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N |
| CVE-2021-43755 | Arbitrary code execution | 7.8 | Critical | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| CVE-2021-44188 | Arbitrary code execution | 7.8 | Critical | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| CVE-2021-44189 | Privilege escalation | 3.3 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-44190 | Privilege escalation | 3.3 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-44191 | Privilege escalation | 3.3 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-44192 | Privilege escalation | 3.3 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-44193 | Privilege escalation | 3.3 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-44194 | Privilege escalation | 3.3 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-44195 | Privilege escalation | 3.3 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-43027 | Privilege escalation | 3.3 | Moderate | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-43763 | Privilege escalation | 3.3 | Important | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-44179 | Arbitrary code execution | 7.8 | Critical | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| CVE-2021-44180 | Arbitrary code execution | 7.8 | Critical | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| CVE-2021-44181 | Arbitrary code execution | 7.8 | Critical | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| CVE-2021-44182 | Privilege escalation | 3.3 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-44183 | Privilege escalation | 3.3 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-43751 | Privilege escalation | 3.3 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-40790 | Privilege escalation | 3.3 | Moderate | |
| CVE-2021-40791 | Privilege escalation | 3.3 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-40795 | Arbitrary code execution | 7.8 | Critical | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| CVE-2021-42265 | Privilege escalation | 3.3 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-43756 | Arbitrary code execution | 7.8 | Critical | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| CVE-2021-43757 | Arbitrary code execution | 7.8 | Critical | |
| CVE-2021-43758 | Privilege escalation | 4 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-43759 | Privilege escalation | 4 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-43760 | Privilege escalation | 4 | Moderate | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-44697 | Privilege escalation | 3.3 | Moderate | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-44698 | Privilege escalation | 3.3 | Moderate | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
| CVE-2021-44699 | Privilege escalation | 3.3 | Moderate | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N |
Fix Adobe Products Affected with Multiple Vulnerabilities:
We recommend to take the required measures to fix your adobe products affected which are affected with these multiple vulnerabilities. Adobe has released updates for all the products listed as vulnerable. Please go through this list and update your products.
We hope this post would help you identify your Adobe products affected with multiple vulnerabilities. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page on Facebook, LinkedIn, Twitter, Telegram, Tumblr, & Medium and subscribe to receive updates like this.
You may also like these articles:
How To Fix CVE-2022-24091(2)- New RCE Vulnerabilities In Adobe Acrobat Reader DC
How To Fix The New ACE Vulnerability In Adobe After Effects- CVE-2022-23200
How to Quickly Find and Fix Vulnerabilities on Windows in No Time?
How to Patch CVE-2022-3656- A SymStealer Vulnerability in The Google Chrome?
How To Fix CVE-2022-4262- A Type Confusion Bug in the V8 JavaScript Engine in Chrome
Arun KL
Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.
