Adobe Monthly Security Update (September 2021)
Release Date:
15 Sep 2021
6525
Views
RISK: Medium Risk
TYPE: Clients - Productivity Products
Adobe has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes | Details (including CVE) |
| Adobe XMP Toolkit SDK |  Medium Risk | Information Disclosure | APSB21-85 | |
| Adobe Photoshop | Medium Risk | Remote Code Execution | APSB21-84 | |
| Adobe Experience Manager | Medium Risk | Cross-site Scripting Remote Code Execution Denial of Service Security Restriction Bypass | APSB21-82 | |
| Adobe Genuine Service | Medium Risk | Elevation of Privilege | APSB21-81 | |
| Adobe Digital Editions | Medium Risk | Elevation of Privilege Data Manipulation Remote Code Execution | APSB21-80 | |
| Adobe Premiere Elements | Medium Risk | Remote Code Execution | APSB21-78 | |
| Adobe Photoshop Elements | Medium Risk | Remote Code Execution | APSB21-77 | |
| Adobe Creative Cloud Desktop Application | Medium Risk | Data Manipulation | APSB21-76 | |
| Adobe ColdFusion | Medium Risk | Security Restriction Bypass | APSB21-75 | |
| Adobe Framemaker | Medium Risk | Information Disclosure Remote Code Execution | APSB21-74 | |
| Adobe InDesign | Medium Risk | Remote Code Execution | APSB21-73 | |
| Adobe SVG Native Viewer | Medium Risk | Remote Code Execution | APSB21-72 | |
| Adobe InCopy | Medium Risk | Data Manipulation Remote Code Execution | APSB21-71 | |
| Adobe Premiere Pro | Medium Risk | Remote Code Execution | APSB21-67 | |
| Adobe Acrobat and Reader | Medium Risk | Remote Code Execution Information Disclosure Denial of Service | APSB21-55 |
Number of 'Extremely High Risk' product(s): 0
Number of 'High Risk' product(s): 0
Number of 'Medium Risk' product(s): 15
Number of 'Low Risk' product(s): 0
Evaluation of overall 'Risk Level': Medium Risk
Impact
- Elevation of Privilege
- Data Manipulation
- Remote Code Execution
- Denial of Service
- Security Restriction Bypass
- Cross-Site Scripting
- Information Disclosure
System / Technologies affected
- Adobe XMP-Toolkit-SDK 2021.07 and earlier versions
- Photoshop 2020 21.2.11 and earlier versions
- Photoshop 2021 22.5 and earlier versions
- Adobe Experience Manager (AEM) AEM Cloud Service (CS)
- Adobe Experience Manager (AEM) 6.5.9.0 and earlier versions
- Adobe Genuine Service 7.3 and earlier versions
- Adobe Digital Editions 4.5.11.187646 and earlier versions
- Adobe Premiere Elements 2021 [build 19.0 (20210127.daily.2235820) and earlier versions
- Photoshop Elements 2021 [build 19.0 (20210304.m.156367) and earlier versions
- Creative Cloud Desktop Application 5.4 and earlier versions
- ColdFusion 2018 Update 11 and earlier versions
- ColdFusion 2021 Version 1 and earlier versions
- Adobe Framemaker 2019 Update 8 and earlier versions
- Adobe Framemaker 2020 Release Update 2 and earlier versions
- Adobe InDesign 16.3.2 and earlier versions
- Adobe InDesign 16.3 and earlier versions
- Adobe SVG-Native-Viewer
- Adobe InCopy 16.3.1 and earlier versions
- Adobe InCopy 16.3 and earlier versions
- Adobe Premiere Pro 15.4 and earlier versions
- Acrobat DC 2021.005.20060 and earlier versions
- Acrobat Reader DC 2021.005.20060 and earlier versions
- Acrobat DC 2021.005.20058 and earlier versions
- Acrobat Reader DC 2021.005.20058 and earlier versions
- Acrobat 2020 2020.004.30006 and earlier versions
- Acrobat Reader 2020 2020.004.30006 and earlier versions
- Acrobat 2017 2017.011.30199 and earlier versions
- Acrobat Reader 2017 2017.011.30199 and earlier versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. Please refer to 'Details' column in the above table for details of individual product update or run software update
Vulnerability Identifier
Source
Related Link
Related Tags
Share with